/* * Copyright (c) 2022-2023, Linus Groh * Copyright (c) 2023, Luke Wilde * Copyright (c) 2023, Sam Atkins * Copyright (c) 2024, Jamie Mansfield * Copyright (c) 2025, Shannon Booth * Copyright (c) 2025, Kenneth Myhra * * SPDX-License-Identifier: BSD-2-Clause */ #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include namespace Web::Fetch::Fetching { static bool g_http_memory_cache_enabled = false; #define TRY_OR_IGNORE(expression) \ ({ \ auto&& _temporary_result = (expression); \ if (_temporary_result.is_error()) \ return; \ static_assert(!::AK::Detail::IsLvalueReference, \ "Do not return a reference from a fallible expression"); \ _temporary_result.release_value(); \ }) class HTTPCache { public: HTTP::MemoryCache& get(Infrastructure::NetworkPartitionKey const& key) { return *m_cache.ensure(key, [] { return HTTP::MemoryCache::create(); }); } static HTTPCache& the() { static HTTPCache s_cache; return s_cache; } void clear_cache() { m_cache.clear(); } private: HashMap> m_cache; }; // https://fetch.spec.whatwg.org/#determine-the-http-cache-partition static RefPtr determine_the_http_cache_partition(Infrastructure::Request const& request) { // 1. Let key be the result of determining the network partition key given request. auto key = Infrastructure::determine_the_network_partition_key(request); // 2. If key is null, then return null. if (!key.has_value()) return nullptr; // 3. Return the unique HTTP cache associated with key. [HTTP-CACHING] return HTTPCache::the().get(key.value()); } static GC::Ptr select_response_from_cache(JS::Realm& realm, HTTP::MemoryCache& http_cache, Infrastructure::Request const& request) { if (!g_http_memory_cache_enabled) return {}; auto cache_entry = http_cache.open_entry(request.current_url(), request.method(), request.header_list(), request.cache_mode()); if (!cache_entry.has_value()) return {}; auto response = Infrastructure::Response::create(realm.vm()); response->url_list().append(request.current_url()); response->set_method(request.method()); response->set_status(cache_entry->status_code); response->set_status_message(cache_entry->reason_phrase); response->set_header_list(cache_entry->response_headers); auto [response_body, _] = safely_extract_body(realm, cache_entry->response_body.bytes()); response->set_body(response_body); return response; } static void store_response_in_cache(HTTP::MemoryCache& http_cache, Infrastructure::Request const& request, Infrastructure::Response const& response) { if (!g_http_memory_cache_enabled) return; if (request.cache_mode() == HTTP::CacheMode::NoStore) return; http_cache.create_entry(request.current_url(), request.method(), request.header_list(), request.request_time(), response.status(), response.status_message(), response.header_list()); } // https://fetch.spec.whatwg.org/#concept-fetch GC::Ref fetch(JS::Realm& realm, Infrastructure::Request& request, Infrastructure::FetchAlgorithms const& algorithms, UseParallelQueue use_parallel_queue) { dbgln_if(WEB_FETCH_DEBUG, "Fetch: Running 'fetch' with: request @ {}", &request); auto& vm = realm.vm(); // 1. Assert: request’s mode is "navigate" or processEarlyHintsResponse is null. VERIFY(request.mode() == Infrastructure::Request::Mode::Navigate || !algorithms.process_early_hints_response()); // 2. Let taskDestination be null. Infrastructure::TaskDestination task_destination; // 3. Let crossOriginIsolatedCapability be false. auto cross_origin_isolated_capability = HTML::CanUseCrossOriginIsolatedAPIs::No; // 4. Populate request from client given request. populate_request_from_client(realm, request); // 5. If request’s client is non-null, then: if (request.client() != nullptr) { // 1. Set taskDestination to request’s client’s global object. task_destination = GC::Ref { request.client()->global_object() }; // 2. Set crossOriginIsolatedCapability to request’s client’s cross-origin isolated capability. cross_origin_isolated_capability = request.client()->cross_origin_isolated_capability(); } // 6. If useParallelQueue is true, then set taskDestination to the result of starting a new parallel queue. if (use_parallel_queue == UseParallelQueue::Yes) task_destination = HTML::ParallelQueue::create(); // 7. Let timingInfo be a new fetch timing info whose start time and post-redirect start time are the coarsened // shared current time given crossOriginIsolatedCapability, and render-blocking is set to request’s // render-blocking. auto timing_info = Infrastructure::FetchTimingInfo::create(vm); auto now = HighResolutionTime::coarsened_shared_current_time(cross_origin_isolated_capability); timing_info->set_start_time(now); timing_info->set_post_redirect_start_time(now); timing_info->set_render_blocking(request.render_blocking()); // 8. Let fetchParams be a new fetch params whose request is request, timing info is timingInfo, process request // body chunk length is processRequestBodyChunkLength, process request end-of-body is processRequestEndOfBody, // process early hints response is processEarlyHintsResponse, process response is processResponse, process // response consume body is processResponseConsumeBody, process response end-of-body is processResponseEndOfBody, // task destination is taskDestination, and cross-origin isolated capability is crossOriginIsolatedCapability. auto fetch_params = Infrastructure::FetchParams::create(vm, request, timing_info); fetch_params->set_algorithms(algorithms); fetch_params->set_task_destination(task_destination); fetch_params->set_cross_origin_isolated_capability(cross_origin_isolated_capability); // 9. If request’s body is a byte sequence, then set request’s body to request’s body as a body. if (auto const* buffer = request.body().get_pointer()) request.set_body(Infrastructure::byte_sequence_as_body(realm, buffer->bytes())); // 10. If all of the following conditions are true: if ( // - request’s URL’s scheme is an HTTP(S) scheme Infrastructure::is_http_or_https_scheme(request.url().scheme()) // - request’s mode is "same-origin", "cors", or "no-cors" && (request.mode() == Infrastructure::Request::Mode::SameOrigin || request.mode() == Infrastructure::Request::Mode::CORS || request.mode() == Infrastructure::Request::Mode::NoCORS) // - request’s client is not null, and request’s client’s global object is a Window object && request.client() && is(request.client()->global_object()) // - request’s method is `GET` && request.method().equals_ignoring_ascii_case("GET"sv) // - request’s unsafe-request flag is not set or request’s header list is empty && (!request.unsafe_request() || request.header_list()->is_empty())) { // 1. Assert: request’s origin is same origin with request’s client’s origin. VERIFY(request.origin().has() && request.origin().get().is_same_origin(request.client()->origin())); // 2. Let onPreloadedResponseAvailable be an algorithm that runs the following step given a response // response: set fetchParams’s preloaded response candidate to response. auto on_preloaded_response_available = GC::create_function(realm.heap(), [fetch_params](GC::Ref response) { fetch_params->set_preloaded_response_candidate(response); // NB: main fetch may already be parked on this preload result. // Resolve that waiter here instead of spinning the event loop. auto controller = fetch_params->controller(); if (auto pending_preloaded_response = controller->pending_preloaded_response()) { controller->set_pending_preloaded_response(nullptr); pending_preloaded_response->resolve(response); } }); // 3. Let foundPreloadedResource be the result of invoking consume a preloaded resource for request’s // window, given request’s URL, request’s destination, request’s mode, request’s credentials mode, // request’s integrity metadata, and onPreloadedResponseAvailable. auto& window = as(request.client()->global_object()); auto found_preloaded_resource = HTML::consume_a_preloaded_resource( window, request.url(), request.destination(), request.mode(), request.credentials_mode(), request.integrity_metadata(), on_preloaded_response_available); // 4. If foundPreloadedResource is true and fetchParams’s preloaded response candidate is null, then set // fetchParams’s preloaded response candidate to "pending". if (found_preloaded_resource && fetch_params->preloaded_response_candidate().has()) fetch_params->set_preloaded_response_candidate(Infrastructure::FetchParams::PreloadedResponseCandidatePendingTag {}); } // 11. If request’s header list does not contain `Accept`, then: if (!request.header_list()->contains("Accept"sv)) { // 1. Let value be `*/*`. auto value = "*/*"sv; // 2. If request’s initiator is "prefetch", then set value to the document `Accept` header value. if (request.initiator() == Infrastructure::Request::Initiator::Prefetch) { value = document_accept_header_value; } // 3. Otherwise, the user agent should set value to the first matching statement, if any, switching on request’s destination: else if (request.destination().has_value()) { switch (*request.destination()) { // -> "document" // -> "frame" // -> "iframe" case Infrastructure::Request::Destination::Document: case Infrastructure::Request::Destination::Frame: case Infrastructure::Request::Destination::IFrame: // the document `Accept` header value value = document_accept_header_value; break; // -> "image" case Infrastructure::Request::Destination::Image: // `image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5` // AD-HOC: The spec default omits AVIF and WebP, which causes CDNs that perform format negotiation to // potentially fall back to non alpha-preserving formats. // Spec issue: https://github.com/whatwg/fetch/issues/1740 value = "image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5"sv; break; // -> "json" case Infrastructure::Request::Destination::JSON: // `application/json,*/*;q=0.5` value = "application/json,*/*;q=0.5"sv; break; // -> "style" case Infrastructure::Request::Destination::Style: // `text/css,*/*;q=0.1` value = "text/css,*/*;q=0.1"sv; break; default: break; } } // 4. Append (`Accept`, value) to request’s header list. auto header = HTTP::Header::isomorphic_encode("Accept"sv, value); request.header_list()->append(move(header)); } // 12. If request’s header list does not contain `Accept-Language`, then user agents should append // (`Accept-Language, an appropriate header value) to request’s header list. if (!request.header_list()->contains("Accept-Language"sv)) { StringBuilder accept_language; accept_language.join(","sv, ResourceLoader::the().preferred_languages()); auto header = HTTP::Header::isomorphic_encode("Accept-Language"sv, accept_language.string_view()); request.header_list()->append(move(header)); } // 13. If request’s internal priority is null, then use request’s priority, initiator, destination, and // render-blocking in an implementation-defined manner to set request’s internal priority to an // implementation-defined object. // NOTE: The user-agent-defined object could encompass stream weight and dependency for HTTP/2, and equivalent // information used to prioritize dispatch and processing of HTTP/1 fetches. // 14. If request is a subresource request, then: if (request.is_subresource_request()) { // 1. Let record be a new fetch record whose request is request and controller is fetchParams’s controller. auto record = Infrastructure::FetchRecord::create(vm, request, fetch_params->controller()); // 2. Append record to request’s client’s fetch group’s fetch records. request.client()->fetch_group().append(record); } // 15. Run main fetch given fetchParams. (void)main_fetch(realm, fetch_params); // 16. Return fetchParams’s controller. return fetch_params->controller(); } // https://fetch.spec.whatwg.org/#populate-request-from-client void populate_request_from_client(JS::Realm const& realm, Infrastructure::Request& request) { auto& heap = realm.heap(); // 1. If request’s traversable for user prompts is "client": auto const* traversable_for_user_prompts = request.traversable_for_user_prompts().get_pointer(); if (traversable_for_user_prompts && *traversable_for_user_prompts == Infrastructure::Request::TraversableForUserPrompts::Client) { // 1. Set request’s traversable for user prompts to "no-traversable". request.set_traversable_for_user_prompts(Infrastructure::Request::TraversableForUserPrompts::NoTraversable); // 2. If request’s client is non-null: if (request.client()) { // 1. Let global be request’s client’s global object. auto& global = request.client()->global_object(); // 2. If global is a Window object and global’s navigable is not null, then set request’s traversable for // user prompts to global’s navigable’s traversable navigable. if (auto const* window = as_if(global)) { if (window->navigable()) request.set_traversable_for_user_prompts(window->navigable()->traversable_navigable()); } } } // 2. If request’s origin is "client": auto const* origin = request.origin().get_pointer(); if (origin && *origin == Infrastructure::Request::Origin::Client) { // 1. Assert: request’s client is non-null. VERIFY(request.client()); // 2. Set request’s origin to request’s client’s origin. request.set_origin(request.client()->origin()); } // 3. If request’s policy container is "client": auto const* policy_container = request.policy_container().get_pointer(); if (policy_container && *policy_container == Infrastructure::Request::PolicyContainer::Client) { // 1. If request’s client is non-null, then set request’s policy container to a clone of request’s client’s // policy container. if (request.client()) request.set_policy_container(request.client()->policy_container()->clone(heap)); // 2. Otherwise, set request’s policy container to a new policy container. else request.set_policy_container(heap.allocate(heap)); } } // https://fetch.spec.whatwg.org/#concept-main-fetch GC::Ptr main_fetch(JS::Realm& realm, Infrastructure::FetchParams const& fetch_params, Recursive recursive) { dbgln_if(WEB_FETCH_DEBUG, "Fetch: Running 'main fetch' with: fetch_params @ {}", &fetch_params); auto& vm = realm.vm(); // 1. Let request be fetchParams’s request. auto request = fetch_params.request(); // 2. Let response be null. GC::Ptr response; // 3. If request’s local-URLs-only flag is set and request’s current URL is not local, then set response to a // network error. if (request->local_urls_only() && !Infrastructure::is_local_url(request->current_url())) response = Infrastructure::Response::network_error(vm, "Request with 'local-URLs-only' flag must have a local URL"_string); // 4. Run report Content Security Policy violations for request. ContentSecurityPolicy::report_content_security_policy_violations_for_request(realm, request); // FIXME: 5. Upgrade request to a potentially trustworthy URL, if appropriate. // 6. Upgrade a mixed content request to a potentially trustworthy URL, if appropriate. MixedContent::upgrade_a_mixed_content_request_to_a_potentially_trustworthy_url_if_appropriate(request); // 7. If should request be blocked due to a bad port, should fetching request be blocked as mixed content, should // request be blocked by Content Security Policy, or should request be blocked by Integrity Policy Policy // returns blocked, then set response to a network error. if (Infrastructure::block_bad_port(request) == Infrastructure::RequestOrResponseBlocking::Blocked || MixedContent::should_fetching_request_be_blocked_as_mixed_content(request) == Infrastructure::RequestOrResponseBlocking::Blocked || ContentSecurityPolicy::should_request_be_blocked_by_content_security_policy(realm, request) == ContentSecurityPolicy::Directives::Directive::Result::Blocked || ContentSecurityPolicy::should_request_be_blocked_by_integrity_policy(request) == ContentSecurityPolicy::Directives::Directive::Result::Blocked) { response = Infrastructure::Response::network_error(vm, "Request was blocked"_string); } // 8. If request’s referrer policy is the empty string, then set request’s referrer policy to request’s policy // container’s referrer policy. if (request->referrer_policy() == ReferrerPolicy::ReferrerPolicy::EmptyString) { VERIFY(request->policy_container().has>()); request->set_referrer_policy(request->policy_container().get>()->referrer_policy); } // 9. If request’s referrer is not "no-referrer", then set request’s referrer to the result of invoking determine // request’s referrer. // NOTE: As stated in Referrer Policy, user agents can provide the end user with options to override request’s // referrer to "no-referrer" or have it expose less sensitive information. auto const* referrer = request->referrer().get_pointer(); if (!referrer || *referrer != Infrastructure::Request::Referrer::NoReferrer) { auto determined_referrer = ReferrerPolicy::determine_requests_referrer(request); if (determined_referrer.has_value()) request->set_referrer(*determined_referrer); else request->set_referrer(Infrastructure::Request::Referrer::NoReferrer); } // 10. Set request’s current URL’s scheme to "https" if all of the following conditions are true: if ( // - request’s current URL’s scheme is "http" request->current_url().scheme() == "http"sv // - request’s current URL’s host is a domain && request->current_url().host().has_value() && request->current_url().host()->is_domain() // FIXME: - Matching request’s current URL’s host per Known HSTS Host Domain Name Matching results in either a // superdomain match with an asserted includeSubDomains directive or a congruent match (with or without an // asserted includeSubDomains directive) [HSTS]; or DNS resolution for the request finds a matching HTTPS RR // per section 9.5 of [SVCB]. && false) { request->current_url().set_scheme("https"_string); } auto get_response = GC::create_function(vm.heap(), [&realm, &vm, &fetch_params, request]() -> GC::Ref { dbgln_if(WEB_FETCH_DEBUG, "Fetch: Running 'main fetch' get_response() function"); auto const* origin = request->origin().get_pointer(); // -> fetchParams’s preloaded response candidate is not null if (!fetch_params.preloaded_response_candidate().has()) { // 1. Wait until fetchParams's preloaded response candidate is not "pending". if (fetch_params.preloaded_response_candidate().has()) { // NB: The spec says to wait here. Spinning the main-thread event // loop strands the queued preload callback behind nested work, // so we park a PendingResponse and let that callback resolve it. auto controller = fetch_params.controller(); // NB: Reuse the parked response if this branch is re-entered // before the preload callback runs. if (auto pending_preloaded_response = controller->pending_preloaded_response()) return *pending_preloaded_response; auto pending_preloaded_response = PendingResponse::create(vm, request); controller->set_pending_preloaded_response(pending_preloaded_response); return pending_preloaded_response; } // 2. Assert: fetchParams’s preloaded response candidate is a response. VERIFY(fetch_params.preloaded_response_candidate().has>()); // 3. Return fetchParams’s preloaded response candidate. return PendingResponse::create(vm, request, fetch_params.preloaded_response_candidate().get>()); } // -> request’s current URL’s origin is same origin with request’s origin, and request’s response tainting is "basic" // -> request’s current URL’s scheme is "data" // -> request’s mode is "navigate" or "websocket" // AD-HOC: Treat file:// font loads from file:// pages as same-origin. // Fonts require CORS mode per spec, but file:// origins are opaque in our implementation, // so the standard same-origin check always fails. Other browsers (Chromium, WebKit, Firefox) // all allow loading fonts from file:// URLs on file:// pages. auto is_file_to_file_font_load = origin && origin->is_opaque_file_origin() && request->current_url().scheme() == "file"sv && request->destination() == Infrastructure::Request::Destination::Font; if ( (origin && request->current_url().origin().is_same_origin(*origin) && request->response_tainting() == Infrastructure::Request::ResponseTainting::Basic) || is_file_to_file_font_load || request->current_url().scheme() == "data"sv || (request->mode() == Infrastructure::Request::Mode::Navigate || request->mode() == Infrastructure::Request::Mode::WebSocket)) { // 1. Set request’s response tainting to "basic". request->set_response_tainting(Infrastructure::Request::ResponseTainting::Basic); // 2. Return the result of running scheme fetch given fetchParams. return scheme_fetch(realm, fetch_params); // NOTE: HTML assigns any documents and workers created from URLs whose scheme is "data" a unique // opaque origin. Service workers can only be created from URLs whose scheme is an HTTP(S) scheme. } // -> request’s mode is "same-origin" if (request->mode() == Infrastructure::Request::Mode::SameOrigin) { // Return a network error. return PendingResponse::create(vm, request, Infrastructure::Response::network_error(vm, "Request with 'same-origin' mode must have same URL and request origin"_string)); } // -> request’s mode is "no-cors" if (request->mode() == Infrastructure::Request::Mode::NoCORS) { // 1. If request’s redirect mode is not "follow", then return a network error. if (request->redirect_mode() != Infrastructure::Request::RedirectMode::Follow) return PendingResponse::create(vm, request, Infrastructure::Response::network_error(vm, "Request with 'no-cors' mode must have redirect mode set to 'follow'"_string)); // 2. Set request’s response tainting to "opaque". request->set_response_tainting(Infrastructure::Request::ResponseTainting::Opaque); // 3. Return the result of running scheme fetch given fetchParams. return scheme_fetch(realm, fetch_params); } // -> request’s current URL’s scheme is not an HTTP(S) scheme // AD-HOC: We allow CORS requests for resource:// URLs from opaque origins to enable requesting JS modules from internal pages. if (!Infrastructure::is_http_or_https_scheme(request->current_url().scheme()) && !(origin && origin->is_opaque() && request->current_url().scheme() == "resource"sv)) { // NOTE: At this point all other request modes have been handled. Ensure we're not lying in the error message :^) VERIFY(request->mode() == Infrastructure::Request::Mode::CORS); // Return a network error. return PendingResponse::create(vm, request, Infrastructure::Response::network_error(vm, "Request with 'cors' mode must have URL with HTTP or HTTPS scheme"_string)); } // -> request’s use-CORS-preflight flag is set // -> request’s unsafe-request flag is set and either request’s method is not a CORS-safelisted method or // CORS-unsafe request-header names with request’s header list is not empty if ( request->use_cors_preflight() || (request->unsafe_request() && (!HTTP::is_cors_safelisted_method(request->method()) || !Infrastructure::get_cors_unsafe_header_names(request->header_list()).is_empty()))) { // 1. Set request’s response tainting to "cors". request->set_response_tainting(Infrastructure::Request::ResponseTainting::CORS); auto returned_pending_response = PendingResponse::create(vm, request); // 2. Let corsWithPreflightResponse be the result of running HTTP fetch given fetchParams and true. auto cors_with_preflight_response = http_fetch(realm, fetch_params, MakeCORSPreflight::Yes); cors_with_preflight_response->when_loaded([returned_pending_response](GC::Ref cors_with_preflight_response) { dbgln_if(WEB_FETCH_DEBUG, "Fetch: Running 'main fetch' cors_with_preflight_response load callback"); // 3. If corsWithPreflightResponse is a network error, then clear cache entries using request. if (cors_with_preflight_response->is_network_error()) { // FIXME: Clear cache entries } // 4. Return corsWithPreflightResponse. returned_pending_response->resolve(cors_with_preflight_response); }); return returned_pending_response; } // -> Otherwise // 1. Set request’s response tainting to "cors". request->set_response_tainting(Infrastructure::Request::ResponseTainting::CORS); // 2. Return the result of running HTTP fetch given fetchParams. return http_fetch(realm, fetch_params); }); if (recursive == Recursive::Yes) { // 12. If response is null, then set response to the result of running the steps corresponding to the first // matching statement: auto pending_response = !response ? get_response->function()() : PendingResponse::create(vm, request, *response); // 13. If recursive is true, then return response. return pending_response; } // 11. If recursive is false, then run the remaining steps in parallel. Platform::EventLoopPlugin::the().deferred_invoke(GC::create_function(realm.heap(), [&realm, &vm, &fetch_params, request, response, get_response] { // 12. If response is null, then set response to the result of running the steps corresponding to the first // matching statement: auto pending_response = PendingResponse::create(vm, request, Infrastructure::Response::create(vm)); if (!response) { pending_response = get_response->function()(); } pending_response->when_loaded([&realm, &vm, &fetch_params, request, response, response_was_null = !response](GC::Ref resolved_response) mutable { dbgln_if(WEB_FETCH_DEBUG, "Fetch: Running 'main fetch' pending_response load callback"); if (response_was_null) response = resolved_response; // 14. If response is not a network error and response is not a filtered response, then: if (!response->is_network_error() && !is(*response)) { // 1. If request’s response tainting is "cors", then: if (request->response_tainting() == Infrastructure::Request::ResponseTainting::CORS) { // 1. Let headerNames be the result of extracting header list values given // `Access-Control-Expose-Headers` and response’s header list. auto header_names_or_failure = response->header_list()->extract_header_list_values("Access-Control-Expose-Headers"sv); if (auto* header_names = header_names_or_failure.get_pointer>()) { // 2. If request’s credentials mode is not "include" and headerNames contains `*`, then set // response’s CORS-exposed header-name list to all unique header names in response’s header // list. if (request->credentials_mode() != Infrastructure::Request::CredentialsMode::Include && header_names->contains_slow("*"sv)) { auto unique_header_names = response->header_list()->unique_names(); response->set_cors_exposed_header_name_list(move(unique_header_names)); } // 3. Otherwise, if headerNames is not null or failure, then set response’s CORS-exposed // header-name list to headerNames. else if (!header_names->is_empty()) { response->set_cors_exposed_header_name_list(move(*header_names)); } } } // 2. Set response to the following filtered response with response as its internal response, depending // on request’s response tainting: response = [&]() -> GC::Ref { switch (request->response_tainting()) { // -> "basic" case Infrastructure::Request::ResponseTainting::Basic: // basic filtered response return Infrastructure::BasicFilteredResponse::create(vm, *response); // -> "cors" case Infrastructure::Request::ResponseTainting::CORS: // CORS filtered response return Infrastructure::CORSFilteredResponse::create(vm, *response); // -> "opaque" case Infrastructure::Request::ResponseTainting::Opaque: // opaque filtered response return Infrastructure::OpaqueFilteredResponse::create(vm, *response); default: VERIFY_NOT_REACHED(); } }(); } // 15. Let internalResponse be response, if response is a network error, and response’s internal response // otherwise. auto internal_response = response->is_network_error() ? GC::Ref { *response } : static_cast(*response).internal_response(); // 16. If internalResponse’s URL list is empty, then set it to a clone of request’s URL list. // NOTE: A response’s URL list can be empty (for example, when the response represents an about URL). if (internal_response->url_list().is_empty()) internal_response->set_url_list(request->url_list()); // 17. Set internalResponse’s redirect taint to request’s redirect-taint. internal_response->set_redirect_taint(request->redirect_taint()); // 18. If request’s timing allow failed flag is unset, then set internalResponse’s timing allow passed flag. if (!request->timing_allow_failed()) internal_response->set_timing_allow_passed(true); // 19. If response is not a network error and any of the following returns blocked if (!response->is_network_error() && ( // - should internalResponse to request be blocked as mixed content MixedContent::should_response_to_request_be_blocked_as_mixed_content(request, internal_response) == Infrastructure::RequestOrResponseBlocking::Blocked // - should internalResponse to request be blocked by Content Security Policy || ContentSecurityPolicy::should_response_to_request_be_blocked_by_content_security_policy(realm, internal_response, request) == ContentSecurityPolicy::Directives::Directive::Result::Blocked // - should internalResponse to request be blocked due to its MIME type || Infrastructure::should_response_to_request_be_blocked_due_to_its_mime_type(internal_response, request) == Infrastructure::RequestOrResponseBlocking::Blocked // - should internalResponse to request be blocked due to nosniff || Infrastructure::should_response_to_request_be_blocked_due_to_nosniff(internal_response, request) == Infrastructure::RequestOrResponseBlocking::Blocked)) { // then set response and internalResponse to a network error. response = internal_response = Infrastructure::Response::network_error(vm, "Response was blocked"_string); } // 20. If response’s type is "opaque", internalResponse’s status is 206, internalResponse’s range-requested // flag is set, and request’s header list does not contain `Range`, then set response and // internalResponse to a network error. // NOTE: Traditionally, APIs accept a ranged response even if a range was not requested. This prevents a // partial response from an earlier ranged request being provided to an API that did not make a range // request. if (response->type() == Infrastructure::Response::Type::Opaque && internal_response->status() == 206 && internal_response->range_requested() && !request->header_list()->contains("Range"sv)) { response = internal_response = Infrastructure::Response::network_error(vm, "Response has status 206 and 'range-requested' flag set, but request has no 'Range' header"_string); } // 21. If response is not a network error and either request’s method is `HEAD` or `CONNECT`, or // internalResponse’s status is a null body status, set internalResponse’s body to null and disregard // any enqueuing toward it (if any). // NOTE: This standardizes the error handling for servers that violate HTTP. if (!response->is_network_error() && (request->method().is_one_of("HEAD"sv, "CONNECT"sv) || Infrastructure::is_null_body_status(internal_response->status()))) internal_response->set_body({}); // 22. If request’s integrity metadata is not the empty string, then: if (!request->integrity_metadata().is_empty()) { // 1. Let processBodyError be this step: run fetch response handover given fetchParams and a network // error. auto process_body_error = GC::create_function(vm.heap(), [&realm, &vm, &fetch_params](JS::Value) { fetch_response_handover(realm, fetch_params, Infrastructure::Response::network_error(vm, "Response body could not be processed"_string)); }); // 2. If response’s body is null, then run processBodyError and abort these steps. if (!response->body()) { process_body_error->function()({}); return; } // 3. Let processBody given bytes be these steps: auto process_body = GC::create_function(vm.heap(), [&realm, request, response, &fetch_params, process_body_error](ByteBuffer bytes) { // 1. If bytes do not match request’s integrity metadata, then run processBodyError and abort these steps. if (!TRY_OR_IGNORE(SRI::do_bytes_match_metadata_list(bytes, request->integrity_metadata()))) { process_body_error->function()({}); return; } // 2. Set response’s body to bytes as a body. response->set_body(Infrastructure::byte_sequence_as_body(realm, bytes)); // 3. Run fetch response handover given fetchParams and response. fetch_response_handover(realm, fetch_params, *response); }); // 4. Fully read response’s body given processBody and processBodyError. response->body()->fully_read(realm, process_body, process_body_error, fetch_params.task_destination()); } // 23. Otherwise, run fetch response handover given fetchParams and response. else { fetch_response_handover(realm, fetch_params, *response); } }); })); return GC::Ptr {}; } // https://fetch.spec.whatwg.org/#request-determine-the-environment static GC::Ptr determine_the_environment(GC::Ref request) { // 1. If request’s reserved client is non-null, then return request’s reserved client. if (request->reserved_client()) return request->reserved_client(); // 2. If request’s client is non-null, then return request’s client. if (request->client()) return request->client(); // 3. Return null. return {}; } // https://fetch.spec.whatwg.org/#fetch-finale void fetch_response_handover(JS::Realm& realm, Infrastructure::FetchParams const& fetch_params, Infrastructure::Response& response) { dbgln_if(WEB_FETCH_DEBUG, "Fetch: Running 'fetch response handover' with: fetch_params @ {}, response @ {}", &fetch_params, &response); auto& vm = realm.vm(); // 1. Let timingInfo be fetchParams’s timing info. auto timing_info = fetch_params.timing_info(); // 2. If response is not a network error and fetchParams’s request’s client is a secure context, then set // timingInfo’s server-timing headers to the result of getting, decoding, and splitting `Server-Timing` from // response’s header list. // The user agent may decide to expose `Server-Timing` headers to non-secure contexts requests as well. auto client = fetch_params.request()->client(); if (!response.is_network_error() && client != nullptr && HTML::is_secure_context(*client)) { if (auto server_timing_headers = response.header_list()->get_decode_and_split("Server-Timing"sv); server_timing_headers.has_value()) timing_info->set_server_timing_headers(server_timing_headers.release_value()); } // AD-HOC: We extract steps 1-3 of processResponseEndOfBody into a separate lambda so we can also call it from // the error path. The fetch spec only runs processResponseEndOfBody on successful body read (via the // transform stream's flush algorithm). However, processResponseConsumeBody is called for both success // and failure, and specs like HTML's preload algorithm expect to be able to call reportTiming from // within processResponseConsumeBody. So we ensure report_timing_steps is set on error too, which allows // reportTiming to work without asserting, and still produces useful timing data for failed fetches. auto setup_report_timing_steps = [&vm, &response, &fetch_params, timing_info] { // 1. Let unsafeEndTime be the unsafe shared current time. auto unsafe_end_time = HighResolutionTime::unsafe_shared_current_time(); // 2. If fetchParams’s request’s destination is "document", then set fetchParams’s controller’s full timing // info to fetchParams’s timing info. if (fetch_params.request()->destination() == Infrastructure::Request::Destination::Document) fetch_params.controller()->set_full_timing_info(fetch_params.timing_info()); // 3. Set fetchParams’s controller’s report timing steps to the following steps given a global object global: fetch_params.controller()->set_report_timing_steps([&vm, &response, &fetch_params, timing_info, unsafe_end_time](JS::Object& global) mutable { // 1. If fetchParams’s request’s URL’s scheme is not an HTTP(S) scheme, then return. if (!Infrastructure::is_http_or_https_scheme(fetch_params.request()->url().scheme())) return; // 2. Set timingInfo’s end time to the relative high resolution time given unsafeEndTime and global. // Spec Issue: Using relative time here is incorrect, as end time is converted to relative time by Resource Timing, // causing it to take a relative time of an already relative time, effectively make it always a negative // value approximately the value of the time origin. timing_info->set_end_time(unsafe_end_time); // 3. Let cacheState be response’s cache state. auto cache_state = response.cache_state(); // 4. Let bodyInfo be response’s body info. auto body_info = response.body_info(); // 5. If response’s timing allow passed flag is not set, then set timingInfo to the result of creating an // opaque timing info for timingInfo, set bodyInfo to a new response body info, and set cacheState to // the empty string. // NOTE: This covers the case of response being a network error. if (!response.timing_allow_passed()) { timing_info = Infrastructure::create_opaque_timing_info(vm, timing_info); body_info = Infrastructure::Response::BodyInfo {}; cache_state = {}; } // 6. Let responseStatus be 0. auto response_status = 0; // 7. If fetchParams’s request’s mode is not "navigate" or response’s redirect taint is "same-origin": if (fetch_params.request()->mode() != Infrastructure::Request::Mode::Navigate || response.redirect_taint() == Infrastructure::RedirectTaint::SameOrigin) { // 1. Set responseStatus to response’s status. response_status = response.status(); // 2. Let mimeType be the result of extracting a MIME type from response’s header list. auto mime_type = Infrastructure::extract_mime_type(response.header_list()); // 3. If mimeType is non-null, then set bodyInfo’s content type to the result of minimizing a supported MIME type given mimeType. if (mime_type.has_value()) body_info.content_type = MimeSniff::minimise_a_supported_mime_type(mime_type.value()); } // 8. If fetchParams’s request’s initiator type is not null, then mark resource timing given timingInfo, // request’s URL, request’s initiator type, global, cacheState, bodyInfo, and responseStatus. if (fetch_params.request()->initiator_type().has_value()) { ResourceTiming::PerformanceResourceTiming::mark_resource_timing(timing_info, fetch_params.request()->url().to_string(), Infrastructure::initiator_type_to_string(fetch_params.request()->initiator_type().value()), global, cache_state, body_info, response_status); } }); }; // 3. Let processResponseEndOfBody be the following steps: auto process_response_end_of_body = [&vm, &fetch_params, &response, setup_report_timing_steps] { // 1-3. (See setup_report_timing_steps above) setup_report_timing_steps(); // 4. Let processResponseEndOfBodyTask be the following steps: auto process_response_end_of_body_task = GC::create_function(vm.heap(), [&fetch_params, &response] { // 1. Set fetchParams’s request’s done flag. fetch_params.request()->set_done(true); // 2. If fetchParams’s process response end-of-body is non-null, then run fetchParams’s process response // end-of-body given response. if (fetch_params.algorithms()->process_response_end_of_body()) (fetch_params.algorithms()->process_response_end_of_body())(response); // 3. If fetchParams’s request’s initiator type is non-null and fetchParams’s request’s client’s global // object is fetchParams’s task destination, then run fetchParams’s controller’s report timing steps // given fetchParams’s request’s client’s global object. auto client = fetch_params.request()->client(); auto const* task_destination_global_object = fetch_params.task_destination().get_pointer>(); if (client != nullptr && task_destination_global_object != nullptr) { if (fetch_params.request()->initiator_type().has_value() && &client->global_object() == task_destination_global_object->ptr()) fetch_params.controller()->report_timing(client->global_object()); } }); // 5. Queue a fetch task to run processResponseEndOfBodyTask with fetchParams’s task destination. Infrastructure::queue_fetch_task(fetch_params.controller(), fetch_params.task_destination(), move(process_response_end_of_body_task)); }; // 4. If fetchParams’s process response is non-null, then queue a fetch task to run fetchParams’s process response // given response, with fetchParams’s task destination. if (fetch_params.algorithms()->process_response()) { Infrastructure::queue_fetch_task(fetch_params.controller(), fetch_params.task_destination(), GC::create_function(vm.heap(), [&fetch_params, &response]() { fetch_params.algorithms()->process_response()(response); })); } // 5. Let internalResponse be response, if response is a network error; otherwise response’s internal response. auto internal_response = response.is_network_error() ? GC::Ref { response } : response.unsafe_response(); // 6. If internalResponse’s body is null, then run processResponseEndOfBody. if (!internal_response->body()) { process_response_end_of_body(); } // 7. Otherwise: else { HTML::TemporaryExecutionContext const execution_context { realm, HTML::TemporaryExecutionContext::CallbacksEnabled::Yes }; // 1. Let transformStream be a new TransformStream. auto transform_stream = realm.create(realm); // 2. Let identityTransformAlgorithm be an algorithm which, given chunk, enqueues chunk in transformStream. auto identity_transform_algorithm = GC::create_function(realm.heap(), [&realm, transform_stream](JS::Value chunk) -> GC::Ref { MUST(Streams::transform_stream_default_controller_enqueue(*transform_stream->controller(), chunk)); return WebIDL::create_resolved_promise(realm, JS::js_undefined()); }); // 3. Set up transformStream with transformAlgorithm set to identityTransformAlgorithm and flushAlgorithm set // to processResponseEndOfBody. auto flush_algorithm = GC::create_function(realm.heap(), [&realm, process_response_end_of_body]() -> GC::Ref { process_response_end_of_body(); return WebIDL::create_resolved_promise(realm, JS::js_undefined()); }); transform_stream->set_up(identity_transform_algorithm, flush_algorithm); // 4. Set internalResponse’s body’s stream to the result of internalResponse’s body’s stream piped through transformStream. internal_response->body()->set_stream(internal_response->body()->stream()->piped_through(transform_stream)); } // 8. If fetchParams’s process response consume body is non-null, then: auto algorithms = fetch_params.algorithms(); if (algorithms->process_response_consume_body()) { // 1. Let processBody given nullOrBytes be this step: run fetchParams’s process response consume body given // response and nullOrBytes. auto process_body = GC::create_function(vm.heap(), [algorithms, &response](ByteBuffer bytes) { (algorithms->process_response_consume_body())(response, move(bytes)); }); // 2. Let processBodyError be this step: run fetchParams’s process response consume body given response and // failure. auto process_body_error = GC::create_function(vm.heap(), [algorithms, &response, setup_report_timing_steps](JS::Value) { // AD-HOC: See comment on setup_report_timing_steps above. setup_report_timing_steps(); (algorithms->process_response_consume_body())(response, Infrastructure::FetchAlgorithms::ConsumeBodyFailureTag {}); }); // 3. If internalResponse's body is null, then queue a fetch task to run processBody given null, with // fetchParams’s task destination. if (!internal_response->body()) { Infrastructure::queue_fetch_task(fetch_params.controller(), fetch_params.task_destination(), GC::create_function(vm.heap(), [algorithms, &response]() { // NOTE: We have to provide `fully_read` a callback which accepts a ByteBuffer. Since that is not // nullable, we just invoke `process_response_consume_body` with a null value manually here. (algorithms->process_response_consume_body())(response, Empty {}); })); } // 4. Otherwise, fully read internalResponse body given processBody, processBodyError, and fetchParams’s task // destination. else { internal_response->body()->fully_read(realm, process_body, process_body_error, fetch_params.task_destination()); } } } // https://fetch.spec.whatwg.org/#concept-scheme-fetch GC::Ref scheme_fetch(JS::Realm& realm, Infrastructure::FetchParams const& fetch_params) { dbgln_if(WEB_FETCH_DEBUG, "Fetch: Running 'scheme fetch' with: fetch_params @ {}", &fetch_params); auto& vm = realm.vm(); // 1. If fetchParams is canceled, then return the appropriate network error for fetchParams. if (fetch_params.is_canceled()) return PendingResponse::create(vm, fetch_params.request(), Infrastructure::Response::appropriate_network_error(vm, fetch_params)); // 2. Let request be fetchParams’s request. auto request = fetch_params.request(); // 3. Switch on request’s current URL’s scheme and run the associated steps: // -> "about" if (request->current_url().scheme() == "about"sv) { // If request’s current URL’s path is the string "blank", then return a new response whose status message is // `OK`, header list is « (`Content-Type`, `text/html;charset=utf-8`) », and body is the empty byte sequence as // a body. // NOTE: URLs such as "about:config" are handled during navigation and result in a network error in the context // of fetching. if (request->current_url().paths().size() == 1 && request->current_url().paths()[0] == "blank"sv) { auto response = Infrastructure::Response::create(vm); response->set_status_message("OK"sv); response->header_list()->append({ "Content-Type"sv, "text/html;charset=utf-8"sv }); response->set_body(Infrastructure::byte_sequence_as_body(realm, ""sv.bytes())); return PendingResponse::create(vm, request, response); } // FIXME: This is actually wrong, see note above. return nonstandard_resource_loader_file_or_http_network_fetch(realm, fetch_params); } // -> "blob" else if (request->current_url().scheme() == "blob"sv) { // 1. Let blobURLEntry be request’s current URL’s blob URL entry. auto const& blob_url_entry = request->current_url().blob_url_entry(); // 2. If request’s method is not `GET` or blobURLEntry is null, then return a network error. [FILEAPI] if (request->method() != "GET"sv || !blob_url_entry.has_value()) return PendingResponse::create(vm, request, Infrastructure::Response::network_error(vm, "Request has an invalid 'blob:' URL"_string)); // 3. Let requestEnvironment be the result of determining the environment given request. auto request_environment = determine_the_environment(request); // 4. Let isTopLevelSelfFetch be false. bool is_top_level_self_fetch = false; // 5. If request’s client is non-null: if (request->client() != nullptr) { // 1. Let global be request’s client’s global object. auto const* global_window = as_if(request->client()->global_object()); // 2. If all of the following conditions are true: if ( // global is a Window object; global_window != nullptr && // global’s navigable is not null; global_window->navigable() != nullptr && // global’s navigable’s parent is null; and global_window->navigable()->parent() == nullptr && // requestEnvironment’s creation URL equals request’s current URL, request_environment->creation_url == request->current_url()) // then set isTopLevelSelfFetch to true. is_top_level_self_fetch = true; } // 6. Let stringOrEnvironment be the result of these steps: auto string_or_environment = [&]() -> Variant, FileAPI::TopLevelNavigation, FileAPI::TopLevelSelfFetch> { // 1. If request’s destination is "document", then return "top-level-navigation". if (request->destination() == Infrastructure::Request::Destination::Document) return FileAPI::TopLevelNavigation(); // 2. If isTopLevelSelfFetch is true, then return "top-level-self-fetch". if (is_top_level_self_fetch) return FileAPI::TopLevelSelfFetch(); // 3. Return requestEnvironment. return GC::Ref(*request_environment); }(); // 7. Let blob be the result of obtaining a blob object given blobURLEntry and navigationOrEnvironment. auto maybe_blob_object = FileAPI::obtain_a_blob_object(blob_url_entry.value(), string_or_environment); // 8. If blob is not a Blob object, then return a network error. if (!maybe_blob_object.has_value()) return PendingResponse::create(vm, request, Infrastructure::Response::network_error(vm, "Failed to obtain a Blob object from 'blob:' URL"_string)); URL::BlobURLEntry::Blob* blob_object; if (blob_object = maybe_blob_object.value().get_pointer(); !blob_object) return PendingResponse::create(vm, request, Infrastructure::Response::network_error(vm, "Failed to obtain a Blob object from 'blob:' URL"_string)); auto const blob = FileAPI::Blob::create(realm, blob_object->data, blob_object->type); // 9. Let response be a new response. auto response = Infrastructure::Response::create(vm); // 10. Let fullLength be blob’s size. auto full_length = blob->size(); // 11. Let serializedFullLength be fullLength, serialized and isomorphic encoded. auto serialized_full_length = String::number(full_length); // 12. Let type be blob’s type. auto const& type = blob->type(); // 13. If request’s header list does not contain `Range`: if (!request->header_list()->contains("Range"sv)) { // 1. Let bodyWithType be the result of safely extracting blob. auto body_with_type = safely_extract_body(realm, blob->raw_bytes()); // 2. Set response’s status message to `OK`. response->set_status_message("OK"sv); // 3. Set response’s body to bodyWithType’s body. response->set_body(body_with_type.body); // 4. Set response’s header list to « (`Content-Length`, serializedFullLength), (`Content-Type`, type) ». auto content_length_header = HTTP::Header::isomorphic_encode("Content-Length"sv, serialized_full_length); response->header_list()->append(move(content_length_header)); auto content_type_header = HTTP::Header::isomorphic_encode("Content-Type"sv, type); response->header_list()->append(move(content_type_header)); } // 14. Otherwise: else { // 1. Set response’s range-requested flag. response->set_range_requested(true); // 2. Let rangeHeader be the result of getting `Range` from request’s header list. auto const range_header = request->header_list()->get("Range"sv).value_or({}); // 3. Let rangeValue be the result of parsing a single range header value given rangeHeader and true. auto maybe_range_value = HTTP::parse_single_range_header_value(range_header, true); // 4. If rangeValue is failure, then return a network error. if (!maybe_range_value.has_value()) return PendingResponse::create(vm, request, Infrastructure::Response::network_error(vm, "Failed to parse single range header value"_string)); // 5. Let (rangeStart, rangeEnd) be rangeValue. auto& [range_start, range_end] = maybe_range_value.value(); // 6. If rangeStart is null: if (!range_start.has_value()) { VERIFY(range_end.has_value()); // 1. Set rangeStart to fullLength − rangeEnd. range_start = full_length - *range_end; // 2. Set rangeEnd to rangeStart + rangeEnd − 1. range_end = *range_start + *range_end - 1; } // 7. Otherwise: else { // 1. If rangeStart is greater than or equal to fullLength, then return a network error. if (*range_start >= full_length) return PendingResponse::create(vm, request, Infrastructure::Response::network_error(vm, "rangeStart is greater than or equal to fullLength"_string)); // 2. If rangeEnd is null or rangeEnd is greater than or equal to fullLength, then set rangeEnd to fullLength − 1. if (!range_end.has_value() || *range_end >= full_length) range_end = full_length - 1; } // 8. Let slicedBlob be the result of invoking slice blob given blob, rangeStart, rangeEnd + 1, and type. auto sliced_blob = MUST(blob->slice(*range_start, *range_end + 1, type)); // 9. Let slicedBodyWithType be the result of safely extracting slicedBlob. auto sliced_body_with_type = safely_extract_body(realm, sliced_blob->raw_bytes()); // 10. Set response’s body to slicedBodyWithType’s body. response->set_body(sliced_body_with_type.body); // 11. Let serializedSlicedLength be slicedBlob’s size, serialized and isomorphic encoded. auto serialized_sliced_length = String::number(sliced_blob->size()); // 12. Let contentRange be the result of invoking build a content range given rangeStart, rangeEnd, and fullLength. auto content_range = HTTP::build_content_range(*range_start, *range_end, full_length); // 13. Set response’s status to 206. response->set_status(206); // 14. Set response’s status message to `Partial Content`. response->set_status_message("Partial Content"sv); // 15. Set response’s header list to « // (`Content-Length`, serializedSlicedLength), auto content_length_header = HTTP::Header::isomorphic_encode("Content-Length"sv, serialized_sliced_length); response->header_list()->append(move(content_length_header)); // (`Content-Type`, type), auto content_type_header = HTTP::Header::isomorphic_encode("Content-Type"sv, type); response->header_list()->append(move(content_type_header)); // (`Content-Range`, contentRange) ». auto content_range_header = HTTP::Header::isomorphic_encode("Content-Range"sv, content_range); response->header_list()->append(move(content_range_header)); } // 15. Return response. return PendingResponse::create(vm, request, response); } // -> "data" else if (request->current_url().scheme() == "data"sv) { // 1. Let dataURLStruct be the result of running the data: URL processor on request’s current URL. auto data_url_struct = Infrastructure::process_data_url(request->current_url()); // 2. If dataURLStruct is failure, then return a network error. if (data_url_struct.is_error()) return PendingResponse::create(vm, request, Infrastructure::Response::network_error(vm, "Failed to process 'data:' URL"_string)); // 3. Let mimeType be dataURLStruct’s MIME type, serialized. auto const& mime_type = data_url_struct.value().mime_type.serialized(); // 4. Return a new response whose status message is `OK`, header list is « (`Content-Type`, mimeType) », and // body is dataURLStruct’s body as a body. auto response = Infrastructure::Response::create(vm); response->set_status_message("OK"sv); auto header = HTTP::Header::isomorphic_encode("Content-Type"sv, mime_type); response->header_list()->append(move(header)); response->set_body(Infrastructure::byte_sequence_as_body(realm, data_url_struct.value().body)); return PendingResponse::create(vm, request, response); } // -> "file" // AD-HOC: "resource" else if (request->current_url().scheme() == "file"sv || request->current_url().scheme() == "resource"sv) { // For now, unfortunate as it is, file: URLs are left as an exercise for the reader. // When in doubt, return a network error. auto error = PendingResponse::create(vm, request, Infrastructure::Response::network_error(vm, "Request with 'file:' or 'resource:' URL blocked"_string)); auto const* origin = request->origin().get_pointer(); if (!origin) return error; if (!(origin->is_opaque() || origin->scheme() == "file"sv || origin->scheme() == "resource"sv)) return error; // Allow file:// pages to load subresources (scripts, styles, fonts, etc.) from other file:// URLs, // but block the fetch() API and other requests without a destination from reading arbitrary files. // Requests made via fetch() have an empty destination, so we use that to distinguish between // subresource loads initiated by the browser (which have a destination) and programmatic fetches // (which do not). This prevents data exfiltration via fetch() from file:// pages. if (!request->destination().has_value()) return error; return nonstandard_resource_loader_file_or_http_network_fetch(realm, fetch_params); } // -> HTTP(S) scheme else if (Infrastructure::is_http_or_https_scheme(request->current_url().scheme())) { // Return the result of running HTTP fetch given fetchParams. return http_fetch(realm, fetch_params); } // 4. Return a network error. auto message = request->current_url().scheme() == "about"sv ? "Request has invalid 'about:' URL, only 'about:blank' can be fetched"_string : "Request URL has invalid scheme, must be one of 'about', 'blob', 'data', 'file', 'http', or 'https'"_string; return PendingResponse::create(vm, request, Infrastructure::Response::network_error(vm, move(message))); } // https://fetch.spec.whatwg.org/#concept-http-fetch GC::Ref http_fetch(JS::Realm& realm, Infrastructure::FetchParams const& fetch_params, MakeCORSPreflight make_cors_preflight) { dbgln_if(WEB_FETCH_DEBUG, "Fetch: Running 'HTTP fetch' with: fetch_params @ {}, make_cors_preflight = {}", &fetch_params, make_cors_preflight == MakeCORSPreflight::Yes ? "Yes"sv : "No"sv); auto& vm = realm.vm(); // 1. Let request be fetchParams’s request. auto request = fetch_params.request(); // 2. Let response and internalResponse be null. GC::Ptr response; GC::Ptr internal_response; // 3. If request’s service-workers mode is "all", then: if (request->service_workers_mode() == Infrastructure::Request::ServiceWorkersMode::All) { // 1. Let requestForServiceWorker be a clone of request. auto request_for_service_worker = request->clone(realm); // 2. If requestForServiceWorker’s body is non-null, then: if (!request_for_service_worker->body().has()) { // FIXME: 1. Let transformStream be a new TransformStream. // FIXME: 2. Let transformAlgorithm given chunk be these steps: // FIXME: 3. Set up transformStream with transformAlgorithm set to transformAlgorithm. // FIXME: 4. Set requestForServiceWorker’s body’s stream to the result of requestForServiceWorker’s body’s stream // piped through transformStream. } // 3. Let serviceWorkerStartTime be the coarsened shared current time given fetchParams’s cross-origin isolated // capability. auto service_worker_start_time = HighResolutionTime::coarsened_shared_current_time(fetch_params.cross_origin_isolated_capability()); // FIXME: 4. Set response to the result of invoking handle fetch for requestForServiceWorker, with fetchParams’s // controller and fetchParams’s cross-origin isolated capability. // 5. If response is non-null, then: if (response) { // 1. Set fetchParams’s timing info’s final service worker start time to serviceWorkerStartTime. fetch_params.timing_info()->set_final_service_worker_start_time(service_worker_start_time); // 2. If request’s body is non-null, then cancel request’s body with undefined. if (!request->body().has()) { // FIXME: Implement cancelling streams } // 3. Set internalResponse to response, if response is not a filtered response; otherwise to response’s // internal response. internal_response = !is(*response) ? GC::Ref { *response } : static_cast(*response).internal_response(); // 4. If one of the following is true if ( // - response’s type is "error" response->type() == Infrastructure::Response::Type::Error // - request’s mode is "same-origin" and response’s type is "cors" || (request->mode() == Infrastructure::Request::Mode::SameOrigin && response->type() == Infrastructure::Response::Type::CORS) // - request’s mode is not "no-cors" and response’s type is "opaque" || (request->mode() != Infrastructure::Request::Mode::NoCORS && response->type() == Infrastructure::Response::Type::Opaque) // - request’s redirect mode is not "manual" and response’s type is "opaqueredirect" || (request->redirect_mode() != Infrastructure::Request::RedirectMode::Manual && response->type() == Infrastructure::Response::Type::OpaqueRedirect) // - request’s redirect mode is not "follow" and response’s URL list has more than one item. || (request->redirect_mode() != Infrastructure::Request::RedirectMode::Follow && response->url_list().size() > 1)) { // then return a network error. return PendingResponse::create(vm, request, Infrastructure::Response::network_error(vm, "Invalid request/response state combination"_string)); } } } GC::Ptr pending_actual_response; auto returned_pending_response = PendingResponse::create(vm, request); // 4. If response is null, then: if (!response) { // 1. If makeCORSPreflight is true and one of these conditions is true: // NOTE: This step checks the CORS-preflight cache and if there is no suitable entry it performs a // CORS-preflight fetch which, if successful, populates the cache. The purpose of the CORS-preflight // fetch is to ensure the fetched resource is familiar with the CORS protocol. The cache is there to // minimize the number of CORS-preflight fetches. GC::Ptr pending_preflight_response; if (make_cors_preflight == MakeCORSPreflight::Yes && ( // - There is no method cache entry match for request’s method using request, and either request’s // method is not a CORS-safelisted method or request’s use-CORS-preflight flag is set. // FIXME: We currently have no cache, so there will always be no method cache entry. (!HTTP::is_cors_safelisted_method(request->method()) || request->use_cors_preflight()) // - There is at least one item in the CORS-unsafe request-header names with request’s header list for // which there is no header-name cache entry match using request. // FIXME: We currently have no cache, so there will always be no header-name cache entry. || !Infrastructure::get_cors_unsafe_header_names(request->header_list()).is_empty())) { // 1. Let preflightResponse be the result of running CORS-preflight fetch given request. pending_preflight_response = cors_preflight_fetch(realm, request); // NOTE: Step 2 is performed in pending_preflight_response's load callback below. } auto fetch_main_content = GC::create_function(realm.heap(), [request, realm = GC::Ref { realm }, fetch_params = GC::Ref { fetch_params }]() -> GC::Ref { // 2. If request’s redirect mode is "follow", then set request’s service-workers mode to "none". // NOTE: Redirects coming from the network (as opposed to from a service worker) are not to be exposed to a // service worker. if (request->redirect_mode() == Infrastructure::Request::RedirectMode::Follow) request->set_service_workers_mode(Infrastructure::Request::ServiceWorkersMode::None); // 3. Set response and internalResponse to the result of running HTTP-network-or-cache fetch given fetchParams. return http_network_or_cache_fetch(*realm, *fetch_params); }); if (pending_preflight_response) { pending_actual_response = PendingResponse::create(vm, request); pending_preflight_response->when_loaded([returned_pending_response, pending_actual_response, fetch_main_content](GC::Ref preflight_response) { dbgln_if(WEB_FETCH_DEBUG, "Fetch: Running 'HTTP fetch' pending_preflight_response load callback"); // 2. If preflightResponse is a network error, then return preflightResponse. if (preflight_response->is_network_error()) { returned_pending_response->resolve(preflight_response); return; } auto pending_main_content_response = fetch_main_content->function()(); pending_main_content_response->when_loaded([pending_actual_response](GC::Ref main_content_response) { dbgln_if(WEB_FETCH_DEBUG, "Fetch: Running 'HTTP fetch' pending_main_content_response load callback"); pending_actual_response->resolve(main_content_response); }); }); } else { pending_actual_response = fetch_main_content->function()(); } } else { pending_actual_response = PendingResponse::create(vm, request, Infrastructure::Response::create(vm)); } pending_actual_response->when_loaded([&realm, &vm, &fetch_params, request, response, internal_response, returned_pending_response, response_was_null = !response](GC::Ref resolved_actual_response) mutable { dbgln_if(WEB_FETCH_DEBUG, "Fetch: Running 'HTTP fetch' pending_actual_response load callback"); if (response_was_null) { response = internal_response = resolved_actual_response; // 4. If request’s response tainting is "cors" and a CORS check for request and response returns failure, // then return a network error. // NOTE: As the CORS check is not to be applied to responses whose status is 304 or 407, or responses from // a service worker for that matter, it is applied here. if (request->response_tainting() == Infrastructure::Request::ResponseTainting::CORS && !cors_check(request, *response)) { returned_pending_response->resolve(Infrastructure::Response::network_error(vm, "Request with 'cors' response tainting failed CORS check"_string)); return; } // 5. If the TAO check for request and response returns failure, then set request’s timing allow failed flag. if (!tao_check(request, *response)) request->set_timing_allow_failed(true); } // 5. If either request’s response tainting or response’s type is "opaque", and the cross-origin resource // policy check with request’s origin, request’s client, request’s destination, and internalResponse returns // blocked, then return a network error. // NOTE: The cross-origin resource policy check runs for responses coming from the network and responses coming // from the service worker. This is different from the CORS check, as request’s client and the service // worker can have different embedder policies. if ((request->response_tainting() == Infrastructure::Request::ResponseTainting::Opaque || response->type() == Infrastructure::Response::Type::Opaque) && false // FIXME: "and the cross-origin resource policy check with request’s origin, request’s client, request’s destination, and actualResponse returns blocked" ) { returned_pending_response->resolve(Infrastructure::Response::network_error(vm, "Response was blocked by cross-origin resource policy check"_string)); return; } GC::Ptr inner_pending_response; // 6. If internalResponse’s status is a redirect status: if (Infrastructure::is_redirect_status(internal_response->status())) { // FIXME: 1. If internalResponse’s status is not 303, request’s body is non-null, and the connection uses HTTP/2, // then user agents may, and are even encouraged to, transmit an RST_STREAM frame. // NOTE: 303 is excluded as certain communities ascribe special status to it. // 2. Switch on request’s redirect mode: switch (request->redirect_mode()) { // -> "error" case Infrastructure::Request::RedirectMode::Error: // 1. Set response to a network error. response = Infrastructure::Response::network_error(vm, "Request with 'error' redirect mode received redirect response"_string); break; // -> "manual" case Infrastructure::Request::RedirectMode::Manual: // 1. If request’s mode is "navigate", then set fetchParams’s controller’s next manual redirect steps // to run HTTP-redirect fetch given fetchParams and response. if (request->mode() == Infrastructure::Request::Mode::Navigate) { fetch_params.controller()->set_next_manual_redirect_steps([&realm, &fetch_params, response] { (void)http_redirect_fetch(realm, fetch_params, *response); }); } // 2. Otherwise, set response to an opaque-redirect filtered response whose internal response is // internalResponse. else { response = Infrastructure::OpaqueRedirectFilteredResponse::create(vm, *internal_response); } break; // -> "follow" case Infrastructure::Request::RedirectMode::Follow: // 1. Set response to the result of running HTTP-redirect fetch given fetchParams and response. inner_pending_response = http_redirect_fetch(realm, fetch_params, *response); break; default: VERIFY_NOT_REACHED(); } } if (inner_pending_response) { inner_pending_response->when_loaded([returned_pending_response](GC::Ref response) { dbgln_if(WEB_FETCH_DEBUG, "Fetch: Running 'HTTP fetch' inner_pending_response load callback"); returned_pending_response->resolve(response); }); } else { returned_pending_response->resolve(*response); } }); // 7. Return response. // NOTE: Typically internalResponse’s body’s stream is still being enqueued to after returning. return returned_pending_response; } // https://fetch.spec.whatwg.org/#concept-http-redirect-fetch GC::Ptr http_redirect_fetch(JS::Realm& realm, Infrastructure::FetchParams const& fetch_params, Infrastructure::Response& response) { dbgln_if(WEB_FETCH_DEBUG, "Fetch: Running 'HTTP-redirect fetch' with: fetch_params @ {}, response = {}", &fetch_params, &response); auto& vm = realm.vm(); // 1. Let request be fetchParams’s request. auto request = fetch_params.request(); // 2. Let internalResponse be response, if response is not a filtered response; otherwise response’s internal // response. auto internal_response = !is(response) ? GC::Ref { response } : static_cast(response).internal_response(); // 3. Let locationURL be internalResponse’s location URL given request’s current URL’s fragment. auto location_url_or_error = internal_response->location_url(request->current_url().fragment()); // 4. If locationURL is null, then return response. if (!location_url_or_error.is_error() && !location_url_or_error.value().has_value()) return PendingResponse::create(vm, request, response); // 5. If locationURL is failure, then return a network error. if (location_url_or_error.is_error()) return PendingResponse::create(vm, request, Infrastructure::Response::network_error(vm, "Request redirect URL is invalid"_string)); auto location_url = location_url_or_error.release_value().release_value(); // 6. If locationURL’s scheme is not an HTTP(S) scheme, then return a network error. if (!Infrastructure::is_http_or_https_scheme(location_url.scheme())) return PendingResponse::create(vm, request, Infrastructure::Response::network_error(vm, "Request redirect URL must have HTTP or HTTPS scheme"_string)); // 7. If request’s redirect count is 20, then return a network error. if (request->redirect_count() == 20) return PendingResponse::create(vm, request, Infrastructure::Response::network_error(vm, "Request has reached maximum redirect count of 20"_string)); // 8. Increase request’s redirect count by 1. request->set_redirect_count(request->redirect_count() + 1); // 9. If request’s mode is "cors", locationURL includes credentials, and request’s origin is not same origin with // locationURL’s origin, then return a network error. if (request->mode() == Infrastructure::Request::Mode::CORS && location_url.includes_credentials() && request->origin().has() && !request->origin().get().is_same_origin(location_url.origin())) { return PendingResponse::create(vm, request, Infrastructure::Response::network_error(vm, "Request with 'cors' mode and different URL and request origin must not include credentials in redirect URL"_string)); } // 10. If request’s response tainting is "cors" and locationURL includes credentials, then return a network error. // NOTE: This catches a cross-origin resource redirecting to a same-origin URL. if (request->response_tainting() == Infrastructure::Request::ResponseTainting::CORS && location_url.includes_credentials()) return PendingResponse::create(vm, request, Infrastructure::Response::network_error(vm, "Request with 'cors' response tainting must not include credentials in redirect URL"_string)); // 11. If internalResponse’s status is not 303, request’s body is non-null, and request’s body’s source is null, then // return a network error. if (internal_response->status() != 303 && !request->body().has() && request->body().get>()->source().has()) { return PendingResponse::create(vm, request, Infrastructure::Response::network_error(vm, "Request has body but no body source"_string)); } // 12. If one of the following is true if ( // - internalResponse’s status is 301 or 302 and request’s method is `POST` ((internal_response->status() == 301 || internal_response->status() == 302) && request->method() == "POST"sv) // - internalResponse’s status is 303 and request’s method is not `GET` or `HEAD` || (internal_response->status() == 303 && !(request->method() == "GET"sv || request->method() == "HEAD"sv)) // then: ) { // 1. Set request’s method to `GET` and request’s body to null. request->set_method("GET"sv); request->set_body({}); static constexpr Array request_body_header_names { "Content-Encoding"sv, "Content-Language"sv, "Content-Location"sv, "Content-Type"sv }; // 2. For each headerName of request-body-header name, delete headerName from request’s header list. for (auto header_name : request_body_header_names.span()) request->header_list()->delete_(header_name); } // 13. If request’s current URL’s origin is not same origin with locationURL’s origin, then for each headerName of // CORS non-wildcard request-header name, delete headerName from request’s header list. // NOTE: I.e., the moment another origin is seen after the initial request, the `Authorization` header is removed. if (!request->current_url().origin().is_same_origin(location_url.origin())) { static constexpr Array cors_non_wildcard_request_header_names { "Authorization"sv }; for (auto header_name : cors_non_wildcard_request_header_names) request->header_list()->delete_(header_name); } // 14. If request’s body is non-null, then set request’s body to the body of the result of safely extracting // request’s body’s source. // NOTE: request’s body’s source’s nullity has already been checked. if (!request->body().has()) { auto const& source = request->body().get>()->source(); // NOTE: BodyInitOrReadableBytes is a superset of Body::SourceType auto converted_source = source.has() ? BodyInitOrReadableBytes { source.get() } : BodyInitOrReadableBytes { source.get>() }; auto [body, _] = safely_extract_body(realm, converted_source); request->set_body(body); } // 15. Let timingInfo be fetchParams’s timing info. auto timing_info = fetch_params.timing_info(); // 16. Set timingInfo’s redirect end time and post-redirect start time to the coarsened shared current time given // fetchParams’s cross-origin isolated capability. auto now = HighResolutionTime::coarsened_shared_current_time(fetch_params.cross_origin_isolated_capability()); timing_info->set_redirect_end_time(now); timing_info->set_post_redirect_start_time(now); // 17. If timingInfo’s redirect start time is 0, then set timingInfo’s redirect start time to timingInfo’s start // time. if (timing_info->redirect_start_time() == 0) timing_info->set_redirect_start_time(timing_info->start_time()); // 18. Append locationURL to request’s URL list. request->url_list().append(location_url); // 19. Invoke set request’s referrer policy on redirect on request and internalResponse. ReferrerPolicy::set_request_referrer_policy_on_redirect(request, internal_response); // 20. Let recursive be true. auto recursive = Recursive::Yes; // 21. If request’s redirect mode is "manual", then: if (request->redirect_mode() == Infrastructure::Request::RedirectMode::Manual) { // 1. Assert: request’s mode is "navigate". VERIFY(request->mode() == Infrastructure::Request::Mode::Navigate); // 2. Set recursive to false. recursive = Recursive::No; } // 22. Return the result of running main fetch given fetchParams and recursive. return main_fetch(realm, fetch_params, recursive); } // https://fetch.spec.whatwg.org/#concept-http-network-or-cache-fetch GC::Ref http_network_or_cache_fetch(JS::Realm& realm, Infrastructure::FetchParams const& fetch_params, IsAuthenticationFetch is_authentication_fetch, IsNewConnectionFetch is_new_connection_fetch) { dbgln_if(WEB_FETCH_DEBUG, "Fetch: Running 'HTTP-network-or-cache fetch' with: fetch_params @ {}, is_authentication_fetch = {}, is_new_connection_fetch = {}", &fetch_params, is_authentication_fetch == IsAuthenticationFetch::Yes ? "Yes"sv : "No"sv, is_new_connection_fetch == IsNewConnectionFetch::Yes ? "Yes"sv : "No"sv); auto& vm = realm.vm(); // 1. Let request be fetchParams’s request. auto request = fetch_params.request(); // 2. Let httpFetchParams be null. GC::Ptr http_fetch_params; // 3. Let httpRequest be null. GC::Ptr http_request; // 4. Let response be null. GC::Ptr response; // 5. Let storedResponse be null. GC::Ptr stored_response; // 6. Let httpCache be null. RefPtr http_cache; // 7. Let the revalidatingFlag be unset. auto include_credentials = HTTP::Cookie::IncludeCredentials::No; // 8. Run these steps, but abort when fetchParams is canceled: // NOTE: There's an 'if aborted' check after this anyway, so not doing this is fine and only incurs a small delay. // For now, support for aborting fetch requests is limited anyway as ResourceLoader doesn't support it. auto aborted = false; { ScopeGuard set_aborted = [&] { if (fetch_params.is_canceled()) aborted = true; }; // 1. If request’s traversable for user prompts is "no-traversable" and request’s redirect mode is "error", // then set httpFetchParams to fetchParams and httpRequest to request. if (request->traversable_for_user_prompts().has() && request->traversable_for_user_prompts().get() == Infrastructure::Request::TraversableForUserPrompts::NoTraversable && request->redirect_mode() == Infrastructure::Request::RedirectMode::Error) { http_fetch_params = fetch_params; http_request = request; } // 2. Otherwise: else { // 1. Set httpRequest to a clone of request. // NOTE: Implementations are encouraged to avoid teeing request’s body’s stream when request’s body’s // source is null as only a single body is needed in that case. E.g., when request’s body’s source // is null, redirects and authentication will end up failing the fetch. http_request = request->clone(realm); // 2. Set httpFetchParams to a copy of fetchParams. auto new_http_fetch_params = Infrastructure::FetchParams::copy(fetch_params); // 3. Set httpFetchParams’s request to httpRequest. new_http_fetch_params->set_request(*http_request); http_fetch_params = new_http_fetch_params; } // 3. Let includeCredentials be true if one of if ( // - request’s credentials mode is "include" request->credentials_mode() == Infrastructure::Request::CredentialsMode::Include // - request’s credentials mode is "same-origin" and request’s response tainting is "basic" || (request->credentials_mode() == Infrastructure::Request::CredentialsMode::SameOrigin && request->response_tainting() == Infrastructure::Request::ResponseTainting::Basic) // is true; otherwise false. ) { include_credentials = HTTP::Cookie::IncludeCredentials::Yes; } else { include_credentials = HTTP::Cookie::IncludeCredentials::No; } // 4. If Cross-Origin-Embedder-Policy allows credentials with request returns false, then set // includeCredentials to false. if (!request->cross_origin_embedder_policy_allows_credentials()) include_credentials = HTTP::Cookie::IncludeCredentials::No; // 5. Let contentLength be httpRequest’s body’s length, if httpRequest’s body is non-null; otherwise null. auto content_length = http_request->body().has>() ? http_request->body().get>()->length() : Optional {}; // 6. Let contentLengthHeaderValue be null. Optional content_length_header_value; // 7. If httpRequest’s body is null and httpRequest’s method is `POST` or `PUT`, then set // contentLengthHeaderValue to `0`. if (http_request->body().has() && http_request->method().is_one_of("POST"sv, "PUT"sv)) content_length_header_value = "0"sv; // 8. If contentLength is non-null, then set contentLengthHeaderValue to contentLength, serialized and // isomorphic encoded. if (content_length.has_value()) content_length_header_value = ByteString::number(*content_length); // 9. If contentLengthHeaderValue is non-null, then append (`Content-Length`, contentLengthHeaderValue) to // httpRequest’s header list. if (content_length_header_value.has_value()) http_request->header_list()->append({ "Content-Length"sv, content_length_header_value.release_value() }); // 10. If contentLength is non-null and httpRequest’s keepalive is true, then: if (content_length.has_value() && http_request->keepalive()) { // 1. Let inflightKeepaliveBytes be 0. u64 inflight_keep_alive_bytes = 0; // 2. Let group be httpRequest’s client’s fetch group. auto& group = http_request->client()->fetch_group(); // 3. Let inflightRecords be the set of fetch records in group whose request’s keepalive is true and done flag is unset. GC::RootVector> in_flight_records(vm.heap()); for (auto& fetch_record : group) { if (fetch_record.request()->keepalive() && !fetch_record.request()->done()) in_flight_records.append(fetch_record); } // 4. For each fetchRecord of inflightRecords: for (auto const& fetch_record : in_flight_records) { // 1. Let inflightRequest be fetchRecord’s request. auto const& in_flight_request = fetch_record->request(); // 2. Increment inflightKeepaliveBytes by inflightRequest’s body’s length. inflight_keep_alive_bytes += in_flight_request->body().visit( [](Empty) -> u64 { return 0; }, [](ByteBuffer const& buffer) -> u64 { return buffer.size(); }, [](GC::Ref body) -> u64 { return body->length().has_value() ? body->length().value() : 0; }); } // 5. If the sum of contentLength and inflightKeepaliveBytes is greater than 64 kibibytes, then return a network error. if ((content_length.value() + inflight_keep_alive_bytes) > keepalive_maximum_size) return PendingResponse::create(vm, request, Infrastructure::Response::network_error(vm, "Keepalive request exceeded maximum allowed size of 64 KiB"_string)); // NOTE: The above limit ensures that requests that are allowed to outlive the environment settings object // and contain a body, have a bounded size and are not allowed to stay alive indefinitely. } // 11. If httpRequest’s referrer is a URL, then: if (auto const* referrer_url = http_request->referrer().get_pointer()) { // 1. Let referrerValue be httpRequest’s referrer, serialized and isomorphic encoded. auto referrer_value = TextCodec::isomorphic_encode(referrer_url->serialize()); // 2. Append (`Referer`, referrerValue) to httpRequest’s header list. http_request->header_list()->append({ "Referer"sv, move(referrer_value) }); } // 12. Append a request `Origin` header for httpRequest. http_request->add_origin_header(); // 13. Append the Fetch metadata headers for httpRequest. append_fetch_metadata_headers_for_request(*http_request); // 14. FIXME: If httpRequest’s initiator is "prefetch", then set a structured field value // given (`Sec-Purpose`, the token prefetch) in httpRequest’s header list. // 15. If httpRequest’s header list does not contain `User-Agent`, then user agents should append // (`User-Agent`, default `User-Agent` value) to httpRequest’s header list. if (!http_request->header_list()->contains("User-Agent"sv)) http_request->header_list()->append({ "User-Agent"sv, Infrastructure::default_user_agent_value() }); // 16. If httpRequest’s cache mode is "default" and httpRequest’s header list contains `If-Modified-Since`, // `If-None-Match`, `If-Unmodified-Since`, `If-Match`, or `If-Range`, then set httpRequest’s cache mode to // "no-store". if (http_request->cache_mode() == HTTP::CacheMode::Default && (http_request->header_list()->contains("If-Modified-Since"sv) || http_request->header_list()->contains("If-None-Match"sv) || http_request->header_list()->contains("If-Unmodified-Since"sv) || http_request->header_list()->contains("If-Match"sv) || http_request->header_list()->contains("If-Range"sv))) { http_request->set_cache_mode(HTTP::CacheMode::NoStore); } // 17. If httpRequest’s cache mode is "no-cache", httpRequest’s prevent no-cache cache-control header // modification flag is unset, and httpRequest’s header list does not contain `Cache-Control`, then append // (`Cache-Control`, `max-age=0`) to httpRequest’s header list. if (http_request->cache_mode() == HTTP::CacheMode::NoCache && !http_request->prevent_no_cache_cache_control_header_modification() && !http_request->header_list()->contains("Cache-Control"sv)) { http_request->header_list()->append({ "Cache-Control"sv, "max-age=0"sv }); } // 18. If httpRequest’s cache mode is "no-store" or "reload", then: if (http_request->cache_mode() == HTTP::CacheMode::NoStore || http_request->cache_mode() == HTTP::CacheMode::Reload) { // 1. If httpRequest’s header list does not contain `Pragma`, then append (`Pragma`, `no-cache`) to // httpRequest’s header list. if (!http_request->header_list()->contains("Pragma"sv)) http_request->header_list()->append({ "Pragma"sv, "no-cache"sv }); // 2. If httpRequest’s header list does not contain `Cache-Control`, then append // (`Cache-Control`, `no-cache`) to httpRequest’s header list. if (!http_request->header_list()->contains("Cache-Control"sv)) http_request->header_list()->append({ "Cache-Control"sv, "no-cache"sv }); } // 19. If httpRequest’s header list contains `Range`, then append (`Accept-Encoding`, `identity`) to // httpRequest’s header list. // NOTE: This avoids a failure when handling content codings with a part of an encoded response. // Additionally, many servers mistakenly ignore `Range` headers if a non-identity encoding is accepted. if (http_request->header_list()->contains("Range"sv)) http_request->header_list()->append({ "Accept-Encoding"sv, "identity"sv }); // 20. Modify httpRequest’s header list per HTTP. Do not append a given header if httpRequest’s header list // contains that header’s name. // NOTE: It would be great if we could make this more normative somehow. At this point headers such as // `Accept-Encoding`, `Connection`, `DNT`, and `Host`, are to be appended if necessary. // `Accept`, `Accept-Charset`, and `Accept-Language` must not be included at this point. // NOTE: `Accept` and `Accept-Language` are already included (unless fetch() is used, which does not include // the latter by default), and `Accept-Charset` is a waste of bytes. See HTTP header layer division for // more details. // // https://w3c.github.io/gpc/#the-sec-gpc-header-field-for-http-requests if (ResourceLoader::the().enable_global_privacy_control() && !http_request->header_list()->contains("Sec-GPC"sv)) http_request->header_list()->append({ "Sec-GPC"sv, "1"sv }); // 21. If includeCredentials is true, then: if (include_credentials == HTTP::Cookie::IncludeCredentials::Yes) { // 1. If the user agent is not configured to block cookies for httpRequest (see section 7 of [COOKIES]), // then: // 1. Let cookies be the result of running the "cookie-string" algorithm (see section 5.4 of [COOKIES]) // with the user agent’s cookie store and httpRequest’s current URL. // 2. If cookies is not the empty string, then append (`Cookie`, cookies) to httpRequest’s header list. // NB: HTTP cookies are attached by RequestServer. // 2. If httpRequest’s header list does not contain `Authorization`, then: if (!http_request->header_list()->contains("Authorization"sv)) { // 1. Let authorizationValue be null. auto authorization_value = Optional {}; // 2. If there’s an authentication entry for httpRequest and either httpRequest’s use-URL-credentials // flag is unset or httpRequest’s current URL does not include credentials, then set // authorizationValue to authentication entry. if (false // FIXME: "If there’s an authentication entry for httpRequest" && (!http_request->use_url_credentials() || !http_request->current_url().includes_credentials())) { // FIXME: "set authorizationValue to authentication entry." } // 3. Otherwise, if httpRequest’s current URL does include credentials and isAuthenticationFetch is // true, set authorizationValue to httpRequest’s current URL, converted to an `Authorization` value. else if (http_request->current_url().includes_credentials() && is_authentication_fetch == IsAuthenticationFetch::Yes) { auto const& url = http_request->current_url(); auto payload = MUST(String::formatted("{}:{}", URL::percent_decode(url.username()), URL::percent_decode(url.password()))); authorization_value = MUST(encode_base64(payload.bytes())); } // 4. If authorizationValue is non-null, then append (`Authorization`, authorizationValue) to // httpRequest’s header list. if (authorization_value.has_value()) { auto header = HTTP::Header::isomorphic_encode("Authorization"sv, *authorization_value); http_request->header_list()->append(move(header)); } } } // FIXME: 22. If there’s a proxy-authentication entry, use it as appropriate. // NOTE: This intentionally does not depend on httpRequest’s credentials mode. // 23. Set httpCache to the result of determining the HTTP cache partition, given httpRequest. http_cache = determine_the_http_cache_partition(*http_request); // 24. If httpCache is null, then set httpRequest’s cache mode to "no-store". if (!http_cache) http_request->set_cache_mode(HTTP::CacheMode::NoStore); // 25. If httpRequest’s cache mode is neither "no-store" nor "reload", then: if (http_request->cache_mode() != HTTP::CacheMode::NoStore && http_request->cache_mode() != HTTP::CacheMode::Reload) { // 1. Set storedResponse to the result of selecting a response from the httpCache, possibly needing // validation, as per the "Constructing Responses from Caches" chapter of HTTP Caching [HTTP-CACHING], // if any. // NOTE: As mandated by HTTP, this still takes the `Vary` header into account. stored_response = select_response_from_cache(realm, *http_cache, *http_request); // 2. If storedResponse is non-null, then: if (stored_response) { // 1. If cache mode is "default", storedResponse is a stale-while-revalidate response, and httpRequest’s // client is non-null, then: // 2. Otherwise: // 1. If storedResponse is a stale response, then set the revalidatingFlag. // 2. If the revalidatingFlag is set and httpRequest’s cache mode is neither "force-cache" nor // "only-if-cached", then: // 1. If storedResponse’s header list contains `ETag`, then append (`If-None-Match`, `ETag`'s value) // to httpRequest’s header list. // 2. If storedResponse’s header list contains `Last-Modified`, then append (`If-Modified-Since`, // `Last-Modified`'s value) to httpRequest’s header list. // 3. Otherwise, set response to storedResponse and set response’s cache state to "local". // NB: We only cache fresh responses in WebContent. Revalidation is handled by RequestServer. response = stored_response; response->set_cache_state(Infrastructure::Response::CacheState::Local); } } } // 9. If aborted, then return the appropriate network error for fetchParams. if (aborted) return PendingResponse::create(vm, request, Infrastructure::Response::appropriate_network_error(vm, fetch_params)); GC::Ptr pending_forward_response; // 10. If response is null, then: if (!response) { // 1. If httpRequest’s cache mode is "only-if-cached", then return a network error. // NB: We skip this step in order to allow the disk cache in RequestServer to handle this request. If a disk // cache entry does not exist, it will return a network error itself. // 2. Let forwardResponse be the result of running HTTP-network fetch given httpFetchParams, includeCredentials, // and isNewConnectionFetch. pending_forward_response = nonstandard_resource_loader_file_or_http_network_fetch(realm, *http_fetch_params, include_credentials, is_new_connection_fetch, http_cache); } else { pending_forward_response = PendingResponse::create(vm, request, Infrastructure::Response::create(vm)); } // AD-HOC: If the controller is already in the non-spec Stopped state, we should cancel the network request immediately. if (http_fetch_params->controller()->state() == Infrastructure::FetchController::State::Stopped) http_fetch_params->controller()->stop_fetch(); auto returned_pending_response = PendingResponse::create(vm, request); pending_forward_response->when_loaded([&realm, &vm, &fetch_params, request, response, stored_response, http_request, returned_pending_response, is_authentication_fetch, is_new_connection_fetch, include_credentials, response_was_null = !response, http_cache](GC::Ref resolved_forward_response) mutable { dbgln_if(WEB_FETCH_DEBUG, "Fetch: Running 'HTTP-network-or-cache fetch' pending_forward_response load callback"); if (response_was_null) { auto forward_response = resolved_forward_response; // NOTE: TRACE is omitted as it is a forbidden method in Fetch. auto method_is_unsafe = !http_request->method().is_one_of("GET"sv, "HEAD"sv, "OPTIONS"sv); // 3. If httpRequest’s method is unsafe and forwardResponse’s status is in the range 200 to 399, inclusive, // invalidate appropriate stored responses in httpCache, as per the "Invalidation" chapter of HTTP // Caching, and set storedResponse to null. if (method_is_unsafe && forward_response->status() >= 200 && forward_response->status() <= 399) { // FIXME: "invalidate appropriate stored responses in httpCache, as per the "Invalidation" chapter of HTTP Caching" stored_response = nullptr; } // 4. If the revalidatingFlag is set and forwardResponse’s status is 304, then: // 1. Update storedResponse’s header list using forwardResponse’s header list, as per the "Freshening // Stored Responses upon Validation" chapter of HTTP Caching. // 2. Set response to storedResponse. // 3. Set response’s cache state to "validated". // NB: We only cache fresh responses in WebContent. Revalidation is handled by RequestServer. // 5. If response is null, then: if (!response) { // 1. Set response to forwardResponse. response = forward_response; // 2. Store httpRequest and forwardResponse in httpCache, as per the "Storing Responses in Caches" chapter of HTTP Caching. // NOTE: If forwardResponse is a network error, this effectively caches the network error, which is // sometimes known as "negative caching". // NOTE: The associated body info is stored in the cache alongside the response. if (http_cache) store_response_in_cache(*http_cache, *http_request, *forward_response); } } // 11. Set response’s URL list to a clone of httpRequest’s URL list. response->set_url_list(http_request->url_list()); // 12. If httpRequest’s header list contains `Range`, then set response’s range-requested flag. if (http_request->header_list()->contains("Range"sv)) response->set_range_requested(true); // 13. Set response’s request-includes-credentials to includeCredentials. response->set_request_includes_credentials(include_credentials == HTTP::Cookie::IncludeCredentials::Yes); auto inner_pending_response = PendingResponse::create(vm, request, *response); // 14. If response’s status is 401, httpRequest’s response tainting is not "cors", includeCredentials is true, // and request’s traversable for user prompts is a traversable navigable: // AD-HOC: Only enter the 401 handling path if the server is requesting an authentication // scheme we can handle with a username/password prompt (Basic or Digest). // Other schemes like PrivateToken (RFC 9577) are not user-prompt-based and should // not trigger credential prompting or request retries. auto www_authenticate_has_credential_based_scheme = [&] { auto www_authenticate = response->header_list()->get("WWW-Authenticate"sv); if (!www_authenticate.has_value()) return false; // The value is a comma-separated list of challenges. Each challenge starts with a scheme name. // We check if any of the schemes are ones we can handle with a username/password prompt. auto value = *www_authenticate; for (auto challenge : value.view().split_view(',')) { auto trimmed = challenge.trim_whitespace(); auto space_index = trimmed.find(' '); auto scheme = space_index.has_value() ? trimmed.substring_view(0, *space_index) : trimmed; if (scheme.equals_ignoring_ascii_case("Basic"sv) || scheme.equals_ignoring_ascii_case("Digest"sv)) return true; } return false; }; if (response->status() == 401 && http_request->response_tainting() != Infrastructure::Request::ResponseTainting::CORS && include_credentials == HTTP::Cookie::IncludeCredentials::Yes && request->traversable_for_user_prompts().has>() && www_authenticate_has_credential_based_scheme()) { // 1. Needs testing: multiple `WWW-Authenticate` headers, missing, parsing issues. // (Red box in the spec, no-op) // 2. If request’s body is non-null, then: if (!request->body().has()) { // 1. If request’s body’s source is null, then return a network error. if (request->body().get>()->source().has()) { returned_pending_response->resolve(Infrastructure::Response::network_error(vm, "Request has body but no body source"_string)); return; } // 2. Set request’s body to the body of the result of safely extracting request’s body’s source. auto const& source = request->body().get>()->source(); // NOTE: BodyInitOrReadableBytes is a superset of Body::SourceType auto converted_source = source.has() ? BodyInitOrReadableBytes { source.get() } : BodyInitOrReadableBytes { source.get>() }; auto [body, _] = safely_extract_body(realm, converted_source); request->set_body(body); } // 3. If request’s use-URL-credentials flag is unset or isAuthenticationFetch is true, then: if (!request->use_url_credentials() || is_authentication_fetch == IsAuthenticationFetch::Yes) { // 1. If fetchParams is canceled, then return the appropriate network error for fetchParams. if (fetch_params.is_canceled()) { returned_pending_response->resolve(Infrastructure::Response::appropriate_network_error(vm, fetch_params)); return; } // FIXME: 2. Let username and password be the result of prompting the end user for a username and password, // respectively, in request’s window. dbgln("Fetch: Username/password prompt is not implemented, using empty strings. This request will probably fail."); auto username = ByteString::empty(); auto password = ByteString::empty(); // 3. Set the username given request’s current URL and username. request->current_url().set_username(username); // 4. Set the password given request’s current URL and password. request->current_url().set_password(password); } // 4. Set response to the result of running HTTP-network-or-cache fetch given fetchParams and true. inner_pending_response = http_network_or_cache_fetch(realm, fetch_params, IsAuthenticationFetch::Yes); } inner_pending_response->when_loaded([&realm, &vm, &fetch_params, request, returned_pending_response, is_authentication_fetch, is_new_connection_fetch](GC::Ref response) { dbgln_if(WEB_FETCH_DEBUG, "Fetch: Running 'HTTP network-or-cache fetch' inner_pending_response load callback"); // 15. If response’s status is 407, then: if (response->status() == 407) { // 1. If request’s traversable for user prompts is "no-traversable", then return a network error. if (request->traversable_for_user_prompts().has() && request->traversable_for_user_prompts().get() == Infrastructure::Request::TraversableForUserPrompts::NoTraversable) { returned_pending_response->resolve(Infrastructure::Response::network_error(vm, "Request requires proxy authentication but has 'no-window' set"_string)); return; } // 2. Needs testing: multiple `Proxy-Authenticate` headers, missing, parsing issues. // (Red box in the spec, no-op) // 3. If fetchParams is canceled, then return the appropriate network error for fetchParams. if (fetch_params.is_canceled()) { returned_pending_response->resolve(Infrastructure::Response::appropriate_network_error(vm, fetch_params)); return; } // FIXME: 4. Prompt the end user as appropriate in request’s window and store the result as a // proxy-authentication entry. // NOTE: Remaining details surrounding proxy authentication are defined by HTTP. // FIXME: 5. Set response to the result of running HTTP-network-or-cache fetch given fetchParams. // (Doing this without step 4 would potentially lead to an infinite request cycle.) } auto inner_pending_response = PendingResponse::create(vm, request, *response); // 16. If all of the following are true if ( // - response’s status is 421 response->status() == 421 // - isNewConnectionFetch is false && is_new_connection_fetch == IsNewConnectionFetch::No // - request’s body is null, or request’s body is non-null and request’s body’s source is non-null && (request->body().has() || !request->body().get>()->source().has()) // then: ) { // 1. If fetchParams is canceled, then return the appropriate network error for fetchParams. if (fetch_params.is_canceled()) { returned_pending_response->resolve(Infrastructure::Response::appropriate_network_error(vm, fetch_params)); return; } // 2. Set response to the result of running HTTP-network-or-cache fetch given fetchParams, // isAuthenticationFetch, and true. inner_pending_response = http_network_or_cache_fetch(realm, fetch_params, is_authentication_fetch, IsNewConnectionFetch::Yes); } inner_pending_response->when_loaded([returned_pending_response, is_authentication_fetch](GC::Ref response) { // 17. If isAuthenticationFetch is true, then create an authentication entry for request and the given // realm. if (is_authentication_fetch == IsAuthenticationFetch::Yes) { // FIXME: "create an authentication entry for request and the given realm" } returned_pending_response->resolve(response); }); }); }); // 18. Return response. // NOTE: Typically response’s body’s stream is still being enqueued to after returning. return returned_pending_response; } #if defined(WEB_FETCH_DEBUG) static void log_load_request(auto const& load_request) { dbgln("Fetch: Invoking ResourceLoader"); dbgln("> {} {} HTTP/1.1", load_request.method(), load_request.url()); for (auto const& [name, value] : load_request.headers()) dbgln("> {}: {}", name, value); dbgln(">"); for (auto line : StringView { load_request.body() }.split_view('\n', SplitBehavior::KeepEmpty)) dbgln("> {}", line); } static void log_response(auto const& status_code, auto const& headers, auto const& data) { dbgln("< HTTP/1.1 {}", status_code.value_or(0)); for (auto const& [name, value] : headers.headers()) dbgln("< {}: {}", name, value); dbgln("<"); for (auto line : StringView { data }.split_view('\n', SplitBehavior::KeepEmpty)) dbgln("< {}", line); } #endif // https://fetch.spec.whatwg.org/#concept-http-network-fetch // Drop-in replacement for 'HTTP-network fetch', but obviously non-standard :^) // It also handles file:// URLs since those can also go through ResourceLoader. GC::Ref nonstandard_resource_loader_file_or_http_network_fetch(JS::Realm& realm, Infrastructure::FetchParams const& fetch_params, HTTP::Cookie::IncludeCredentials include_credentials, IsNewConnectionFetch is_new_connection_fetch, RefPtr http_cache) { dbgln_if(WEB_FETCH_DEBUG, "Fetch: Running 'non-standard HTTP-network fetch' with: fetch_params @ {}", &fetch_params); auto fetch_timing_info = fetch_params.timing_info(); auto cross_origin_isolated_capability = fetch_params.cross_origin_isolated_capability(); auto& vm = realm.vm(); (void)include_credentials; (void)is_new_connection_fetch; (void)fetch_timing_info; (void)cross_origin_isolated_capability; auto request = fetch_params.request(); auto& page = Bindings::principal_host_defined_page(realm); LoadRequest load_request { request->header_list() }; load_request.set_url(request->current_url()); load_request.set_page(page); load_request.set_method(request->method()); load_request.set_cache_mode(request->cache_mode()); load_request.set_include_credentials(include_credentials); load_request.set_initiator_type(request->initiator_type()); if (auto const* body = request->body().get_pointer>()) { (*body)->source().visit( [&](ByteBuffer const& byte_buffer) { load_request.set_body(MUST(ByteBuffer::copy(byte_buffer))); }, [&](GC::Root const& blob_handle) { load_request.set_body(MUST(ByteBuffer::copy(blob_handle->raw_bytes()))); }, [](Empty) { }); } auto pending_response = PendingResponse::create(vm, request); if constexpr (WEB_FETCH_DEBUG) { dbgln("Fetch: Invoking ResourceLoader"); log_load_request(load_request); } HTML::TemporaryExecutionContext execution_context { realm, HTML::TemporaryExecutionContext::CallbacksEnabled::Yes }; // 10. Let stream be a new ReadableStream. auto stream = realm.create(realm); // 9. Let buffer be an empty byte sequence. auto fetched_data_receiver = realm.create(fetch_params, stream, move(http_cache)); // 11. Let pullAlgorithm be the following steps: auto pull_algorithm = GC::create_function(realm.heap(), [&realm]() { // 1. Let promise be a new promise. // 2. Run the following steps in parallel: // NOTE: This is handled by FetchedDataReceiver, which pushes bytes into the controller as they arrive. // 3. Return promise. return WebIDL::create_resolved_promise(realm, JS::js_undefined()); }); // 12. Let cancelAlgorithm be an algorithm that aborts fetchParams’s controller with reason, given reason. auto cancel_algorithm = GC::create_function(realm.heap(), [&realm, &fetch_params](JS::Value reason) { fetch_params.controller()->abort(realm, reason); return WebIDL::create_resolved_promise(realm, JS::js_undefined()); }); // 13. Set up stream with byte reading support with pullAlgorithm set to pullAlgorithm, cancelAlgorithm set to cancelAlgorithm. stream->set_up_with_byte_reading_support(pull_algorithm, cancel_algorithm); auto on_headers_received = GC::create_function(vm.heap(), [&vm, pending_response, stream, request, fetched_data_receiver](HTTP::HeaderList const& response_headers, Optional status_code, Optional const& reason_phrase, Optional javascript_bytecode, Optional javascript_bytecode_cache_vary_key) { if (pending_response->is_resolved()) { // RequestServer will send us the response headers twice, the second time being for HTTP trailers. This // fetch algorithm is not interested in trailers, so just drop them here. return; } auto response = Infrastructure::Response::create(vm); response->set_status(status_code.value_or(200)); if (reason_phrase.has_value()) response->set_status_message(reason_phrase->to_byte_string()); response->set_javascript_bytecode_cache(move(javascript_bytecode)); response->set_javascript_bytecode_cache_vary_key(javascript_bytecode_cache_vary_key); (void)request; if constexpr (WEB_FETCH_DEBUG) { dbgln("Fetch: ResourceLoader load for '{}' {}: (status {})", request->url(), Infrastructure::is_ok_status(response->status()) ? "complete"sv : "failed"sv, response->status()); log_response(status_code, response_headers, ReadonlyBytes {}); } for (auto const& [name, value] : response_headers.headers()) response->header_list()->append({ name, value }); fetched_data_receiver->set_response(response); // 14. Set response’s body to a new body whose stream is stream. auto body = Infrastructure::Body::create(vm, stream); response->set_body(body); fetched_data_receiver->set_body(body); // 17. Return response. // NOTE: Typically response’s body’s stream is still being enqueued to after returning. pending_response->resolve(response); }); // 16. Run these steps in parallel: // FIXME: 1. Run these steps, but abort when fetchParams is canceled: auto on_data_received = GC::create_function(vm.heap(), [fetched_data_receiver](ReadonlyBytes bytes) { fetched_data_receiver->handle_network_bytes(bytes, FetchedDataReceiver::NetworkState::Ongoing); }); auto on_complete = GC::create_function(vm.heap(), [&vm, &realm, pending_response, stream, fetched_data_receiver](bool success, Requests::RequestTimingInfo const&, Optional error_message) { // FIXME: Implement on_complete timing info for unbuffered requests HTML::TemporaryExecutionContext execution_context { realm, HTML::TemporaryExecutionContext::CallbacksEnabled::Yes }; if (success) { fetched_data_receiver->handle_network_bytes({}, FetchedDataReceiver::NetworkState::Complete); } else { // 16.1.2.2. Otherwise, if stream is readable, error stream with a TypeError. auto error = MUST(String::formatted("Load failed: {}", error_message.value_or("Unknown error"sv))); if (stream->is_readable()) stream->error(JS::TypeError::create(realm, error)); if (!pending_response->is_resolved()) pending_response->resolve(Infrastructure::Response::network_error(vm, error)); } }); auto network_request = ResourceLoader::the().load(load_request, on_headers_received, on_data_received, on_complete); fetch_params.controller()->set_pending_request(network_request); return pending_response; } // https://fetch.spec.whatwg.org/#cors-preflight-fetch-0 GC::Ref cors_preflight_fetch(JS::Realm& realm, Infrastructure::Request& request) { dbgln_if(WEB_FETCH_DEBUG, "Fetch: Running 'CORS-preflight fetch' with request @ {}", &request); auto& vm = realm.vm(); // 1. Let preflight be a new request whose method is `OPTIONS`, URL list is a clone of request’s URL list, initiator is // request’s initiator, destination is request’s destination, origin is request’s origin, referrer is request’s referrer, // referrer policy is request’s referrer policy, mode is "cors", and response tainting is "cors". auto preflight = Fetch::Infrastructure::Request::create(vm); preflight->set_method("OPTIONS"sv); preflight->set_url_list(request.url_list()); preflight->set_initiator(request.initiator()); preflight->set_destination(request.destination()); preflight->set_origin(request.origin()); preflight->set_referrer(request.referrer()); preflight->set_referrer_policy(request.referrer_policy()); preflight->set_mode(Infrastructure::Request::Mode::CORS); preflight->set_response_tainting(Infrastructure::Request::ResponseTainting::CORS); // 2. Append (`Accept`, `*/*`) to preflight’s header list. preflight->header_list()->append({ "Accept"sv, "*/*"sv }); // 3. Append (`Access-Control-Request-Method`, request’s method) to preflight’s header list. auto temp_header = HTTP::Header::isomorphic_encode("Access-Control-Request-Method"sv, request.method()); preflight->header_list()->append(move(temp_header)); // 4. Let headers be the CORS-unsafe request-header names with request’s header list. auto headers = Infrastructure::get_cors_unsafe_header_names(request.header_list()); // 5. If headers is not empty, then: if (!headers.is_empty()) { // 1. Let value be the items in headers separated from each other by `,`. // NOTE: This intentionally does not use combine, as 0x20 following 0x2C is not the way this was implemented, // for better or worse. auto value = ByteString::join(',', headers); // 2. Append (`Access-Control-Request-Headers`, value) to preflight’s header list. preflight->header_list()->append({ "Access-Control-Request-Headers"sv, move(value) }); } // 6. Let response be the result of running HTTP-network-or-cache fetch given a new fetch params whose request is preflight. // FIXME: The spec doesn't say anything about timing_info here, but FetchParams requires a non-null FetchTimingInfo object. auto timing_info = Infrastructure::FetchTimingInfo::create(vm); auto fetch_params = Infrastructure::FetchParams::create(vm, preflight, timing_info); auto returned_pending_response = PendingResponse::create(vm, request); auto preflight_response = http_network_or_cache_fetch(realm, fetch_params); preflight_response->when_loaded([&vm, &request, returned_pending_response](GC::Ref response) { dbgln_if(WEB_FETCH_DEBUG, "Fetch: Running 'CORS-preflight fetch' preflight_response load callback"); // 7. If a CORS check for request and response returns success and response’s status is an ok status, then: // NOTE: The CORS check is done on request rather than preflight to ensure the correct credentials mode is used. if (cors_check(request, response) && Infrastructure::is_ok_status(response->status())) { // 1. Let methods be the result of extracting header list values given `Access-Control-Allow-Methods` and response’s header list. auto methods_or_failure = response->header_list()->extract_header_list_values("Access-Control-Allow-Methods"sv); // 2. Let headerNames be the result of extracting header list values given `Access-Control-Allow-Headers` and // response’s header list. auto header_names_or_failure = response->header_list()->extract_header_list_values("Access-Control-Allow-Headers"sv); // 3. If either methods or headerNames is failure, return a network error. if (methods_or_failure.has()) { returned_pending_response->resolve(Infrastructure::Response::network_error(vm, "The Access-Control-Allow-Methods in the CORS-preflight response is syntactically invalid"_string)); return; } if (header_names_or_failure.has()) { returned_pending_response->resolve(Infrastructure::Response::network_error(vm, "The Access-Control-Allow-Headers in the CORS-preflight response is syntactically invalid"_string)); return; } // NOTE: We treat "methods_or_failure" being `Empty` as empty Vector here. auto methods = methods_or_failure.visit( [](Vector& methods) { return move(methods); }, [](auto) -> Vector { return {}; }); // NOTE: We treat "header_names_or_failure" being `Empty` as empty Vector here. auto header_names = header_names_or_failure.visit( [](Vector& header_names) { return move(header_names); }, [](auto) -> Vector { return {}; }); // 4. If methods is null and request’s use-CORS-preflight flag is set, then set methods to a new list containing request’s method. // NOTE: This ensures that a CORS-preflight fetch that happened due to request’s use-CORS-preflight flag being set is cached. if (methods.is_empty() && request.use_cors_preflight()) methods = { request.method() }; // 5. If request’s method is not in methods, request’s method is not a CORS-safelisted method, and request’s credentials mode // is "include" or methods does not contain `*`, then return a network error. if (!methods.contains_slow(request.method()) && !HTTP::is_cors_safelisted_method(request.method())) { if (request.credentials_mode() == Infrastructure::Request::CredentialsMode::Include) { returned_pending_response->resolve(Infrastructure::Response::network_error(vm, TRY_OR_IGNORE(String::formatted("Non-CORS-safelisted method '{}' not found in the CORS-preflight response's Access-Control-Allow-Methods header (the header may be missing). '*' is not allowed as the main request includes credentials.", request.method())))); return; } if (!methods.contains_slow("*"sv)) { returned_pending_response->resolve(Infrastructure::Response::network_error(vm, TRY_OR_IGNORE(String::formatted("Non-CORS-safelisted method '{}' not found in the CORS-preflight response's Access-Control-Allow-Methods header and there was no '*' entry. The header may be missing.", request.method())))); return; } } // 6. If one of request’s header list’s names is a CORS non-wildcard request-header name and is not a byte-case-insensitive match // for an item in headerNames, then return a network error. for (auto const& header : *request.header_list()) { if (Infrastructure::is_cors_non_wildcard_request_header_name(header.name)) { bool is_in_header_names = false; for (auto const& allowed_header_name : header_names) { if (allowed_header_name.equals_ignoring_ascii_case(header.name)) { is_in_header_names = true; break; } } if (!is_in_header_names) { returned_pending_response->resolve(Infrastructure::Response::network_error(vm, TRY_OR_IGNORE(String::formatted("Main request contains the header '{}' that is not specified in the CORS-preflight response's Access-Control-Allow-Headers header (the header may be missing). '*' does not capture this header.", header.name)))); return; } } } // 7. For each unsafeName of the CORS-unsafe request-header names with request’s header list, if unsafeName is not a // byte-case-insensitive match for an item in headerNames and request’s credentials mode is "include" or headerNames // does not contain `*`, return a network error. auto unsafe_names = Infrastructure::get_cors_unsafe_header_names(request.header_list()); for (auto const& unsafe_name : unsafe_names) { bool is_in_header_names = false; for (auto const& header_name : header_names) { if (unsafe_name.equals_ignoring_ascii_case(header_name)) { is_in_header_names = true; break; } } if (!is_in_header_names) { if (request.credentials_mode() == Infrastructure::Request::CredentialsMode::Include) { returned_pending_response->resolve(Infrastructure::Response::network_error(vm, TRY_OR_IGNORE(String::formatted("CORS-unsafe request-header '{}' not found in the CORS-preflight response's Access-Control-Allow-Headers header (the header may be missing). '*' is not allowed as the main request includes credentials.", unsafe_name)))); return; } if (!header_names.contains_slow("*"sv)) { returned_pending_response->resolve(Infrastructure::Response::network_error(vm, TRY_OR_IGNORE(String::formatted("CORS-unsafe request-header '{}' not found in the CORS-preflight response's Access-Control-Allow-Headers header and there was no '*' entry. The header may be missing.", unsafe_name)))); return; } } } // FIXME: 8. Let max-age be the result of extracting header list values given `Access-Control-Max-Age` and response’s header list. // FIXME: 9. If max-age is failure or null, then set max-age to 5. // FIXME: 10. If max-age is greater than an imposed limit on max-age, then set max-age to the imposed limit. // 11. If the user agent does not provide for a cache, then return response. // NOTE: Since we don't currently have a cache, this is always true. returned_pending_response->resolve(response); return; // FIXME: 12. For each method in methods for which there is a method cache entry match using request, set matching entry’s max-age // to max-age. // FIXME: 13. For each method in methods for which there is no method cache entry match using request, create a new cache entry // with request, max-age, method, and null. // FIXME: 14. For each headerName in headerNames for which there is a header-name cache entry match using request, set matching // entry’s max-age to max-age. // FIXME: 15. For each headerName in headerNames for which there is no header-name cache entry match using request, create a // new cache entry with request, max-age, null, and headerName. // FIXME: 16. Return response. } // 8. Otherwise, return a network error. returned_pending_response->resolve(Infrastructure::Response::network_error(vm, "CORS-preflight check failed"_string)); }); return returned_pending_response; } // https://w3c.github.io/webappsec-fetch-metadata/#abstract-opdef-set-dest void set_sec_fetch_dest_header(Infrastructure::Request& request) { // 1. Assert: r’s url is a potentially trustworthy URL. VERIFY(SecureContexts::is_url_potentially_trustworthy(request.url()) == SecureContexts::Trustworthiness::PotentiallyTrustworthy); // 2. Let header be a Structured Header whose value is a token. // FIXME: This is handled below, as Serenity doesn't have APIs for RFC 8941. // 3. If r’s destination is the empty string, set header’s value to the string "empty". Otherwise, set header’s value to r’s destination. auto value = request.destination().has_value() ? Infrastructure::request_destination_to_string(*request.destination()) : "empty"sv; // 4. Set a structured field value `Sec-Fetch-Dest`/header in r’s header list. request.header_list()->append({ "Sec-Fetch-Dest"sv, value }); } // https://w3c.github.io/webappsec-fetch-metadata/#abstract-opdef-set-dest void set_sec_fetch_mode_header(Infrastructure::Request& request) { // 1. Assert: r’s url is a potentially trustworthy URL. VERIFY(SecureContexts::is_url_potentially_trustworthy(request.url()) == SecureContexts::Trustworthiness::PotentiallyTrustworthy); // 2. Let header be a Structured Header whose value is a token. // FIXME: This is handled below, as Serenity doesn't have APIs for RFC 8941. // 3. Set header’s value to r’s mode. auto value = Infrastructure::request_mode_to_string(request.mode()); // 4. Set a structured field value `Sec-Fetch-Mode`/header in r’s header list. request.header_list()->append({ "Sec-Fetch-Mode"sv, value }); } // https://w3c.github.io/webappsec-fetch-metadata/#abstract-opdef-set-site void set_sec_fetch_site_header(Infrastructure::Request& request) { // 1. Assert: r’s url is a potentially trustworthy URL. VERIFY(SecureContexts::is_url_potentially_trustworthy(request.url()) == SecureContexts::Trustworthiness::PotentiallyTrustworthy); // 2. Let header be a Structured Header whose value is a token. // FIXME: This is handled below, as Serenity doesn't have APIs for RFC 8941. // 3. Set header’s value to same-origin. auto value = "same-origin"sv; // FIXME: 4. If r is a navigation request that was explicitly caused by a user’s interaction with the user agent (by typing an address // into the user agent directly, for example, or by clicking a bookmark, etc.), then set header’s value to none. // 5. If header’s value is not none, then for each url in r’s url list: if (!value.equals_ignoring_ascii_case("none"sv)) { VERIFY(request.origin().has()); auto const& request_origin = request.origin().get(); for (auto const& url : request.url_list()) { // 1. If url is same origin with r’s origin, continue. if (url.origin().is_same_origin(request_origin)) continue; // 2. Set header’s value to cross-site. value = "cross-site"sv; // 3. If r’s origin is not same site with url’s origin, then break. if (!request_origin.is_same_site(url.origin())) break; // 4. Set header’s value to same-site. value = "same-site"sv; } } // 6. Set a structured field value `Sec-Fetch-Site`/header in r’s header list. request.header_list()->append({ "Sec-Fetch-Site"sv, value }); } // https://w3c.github.io/webappsec-fetch-metadata/#abstract-opdef-set-user void set_sec_fetch_user_header(Infrastructure::Request& request) { // 1. Assert: r’s url is a potentially trustworthy URL. VERIFY(SecureContexts::is_url_potentially_trustworthy(request.url()) == SecureContexts::Trustworthiness::PotentiallyTrustworthy); // 2. If r is not a navigation request, or if r’s user-activation is false, return. if (!request.is_navigation_request() || !request.user_activation()) return; // 3. Let header be a Structured Header whose value is a token. // FIXME: This is handled below, as Serenity doesn't have APIs for RFC 8941. // 4. Set header’s value to true. // NOTE: See https://datatracker.ietf.org/doc/html/rfc8941#name-booleans for boolean format in RFC 8941. static ByteString value = "?1"sv; // 5. Set a structured field value `Sec-Fetch-User`/header in r’s header list. request.header_list()->append({ "Sec-Fetch-User"sv, value }); } // https://w3c.github.io/webappsec-fetch-metadata/#abstract-opdef-append-the-fetch-metadata-headers-for-a-request void append_fetch_metadata_headers_for_request(Infrastructure::Request& request) { // 1. If r’s url is not an potentially trustworthy URL, return. if (SecureContexts::is_url_potentially_trustworthy(request.url()) != SecureContexts::Trustworthiness::PotentiallyTrustworthy) return; // 2. Set the Sec-Fetch-Dest header for r. set_sec_fetch_dest_header(request); // 3. Set the Sec-Fetch-Mode header for r. set_sec_fetch_mode_header(request); // 4. Set the Sec-Fetch-Site header for r. set_sec_fetch_site_header(request); // 5. Set the Sec-Fetch-User header for r. set_sec_fetch_user_header(request); } void set_http_memory_cache_enabled(bool const enabled) { g_http_memory_cache_enabled = enabled; } bool http_memory_cache_enabled() { return g_http_memory_cache_enabled; } void clear_http_memory_cache() { HTTPCache::the().clear_cache(); } }